A local privilege escalation vulnerability is found in Linux kernel 4.10.1 and earlier versions; for example, Authentication Manager 8.x running on Linux Kernel version 3.0.101.
Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.
CVSS v3 Base Score: 7.8 High Security Alert (A17-03-05): Vulnerability in Linux Kernel Affected Systems:
Linux Operating System (on 32-bit and 64-bit) based on kernel 4.10.1 and earlier versions
Summary: A local privilege escalation vulnerability is found in the Linux kernel 4.10.1 and earlier versions. The vulnerability is caused by a race condition flaw in the kernel driver. A local attacker may leverage this vulnerability in the affected systems to gain root privileges.
Impact: Successful exploitation could lead to denial of service, elevation of privilege or compromise of a vulnerable system.
Recommendation: The vulnerability is fixed in some of the Linux distributions. Linux system administrators should check with their product vendors to confirm if their Linux systems are affected and the availability of patches, and if so, upgrade to the fixed versions or follow the recommendations provided by the product vendors to mitigate the risk.
DITSOs (or your delegates) are also requested to inform relevant system administrators as appropriate about this issue.
Successful exploitation could lead to denial of service, elevation of privilege or compromise of a vulnerable system.
Response: The flaw exists but does not add additional risk.
This vulnerability allows an escalation of privilege for local, unprivileged users. The RSA Authentication Manager 8.x Appliance has only a single user with access to logon to the system and this user already has access to full system root privileges.
Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact RSA Software Technical Support at 1- 800 995 5095. RSA Security LLC and its affiliates, including without limitation, its ultimate parent company, EMC Corporation, distributes RSA Security Advisories in order to bring to the attention of users of the affected RSA products, important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided 'as is' without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall RSA, its affiliates or suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA, its affiliates or suppliers have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.