
Novel Linux kernel vulnerability exploitable for elevated privileges

Attackers could leverage the new StackRot vulnerability in the Linux kernel to escalate privileges on targeted hosts, The Hacker News reports.

Linux versions 6.1 to 6.4 are affected by the use-after-free flaw, tracked as CVE-2023-3269, which originated from the maple tree data structure that replaced red-black trees for virtual memory area management and storage, said Peking University security researcher Ruihan Li. No active exploitation has been reported for the security bug, which has already been addressed in versions 6.1.37, 6.3.11, and 6.4.1 released this month.

"As StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and requires minimal capabilities to trigger. However, it should be noted that maple nodes are freed using RCU callbacks, delaying the actual memory deallocation until after the RCU grace period. Consequently, exploiting this vulnerability is considered challenging," said Li.

Public availability of a proof-of-concept exploit and technical bug information is expected by month's end.
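For triage, the version ranges above can be turned into a quick host check. The script below is an added example, not code from the researcher or the kernel project; the function name `stackrot_status` and its status strings are assumptions made for illustration. It compares upstream version numbers only, so a distribution kernel that carries a backported fix may still be reported as affected and should be confirmed against the vendor's advisory.

```shell
#!/bin/sh
# Added example: classify a kernel release string against the StackRot
# (CVE-2023-3269) versions quoted in the article.
# Prints one of: affected | fixed | not-affected | unknown
# (function name and status strings are hypothetical)
stackrot_status() {
    # Keep the leading numeric part: "6.1.36-generic" -> "6.1.36"
    ver=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')

    # Split on dots into major / minor / patch
    old_ifs=$IFS; IFS=.
    set -- $ver
    IFS=$old_ifs
    major=${1:-}; minor=${2:-}; patch=${3:-0}

    # Reject strings that do not start with "<number>.<number>"
    case "$major" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case "$minor" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case "$patch" in ''|*[!0-9]*) patch=0 ;; esac

    # The article gives 6.1 through 6.4 as the affected range
    [ "$major" -eq 6 ] || { echo not-affected; return 0; }
    case "$minor" in
        1) fix=37 ;;                      # fixed in 6.1.37
        2) echo affected; return 0 ;;     # article names no fixed 6.2 release
        3) fix=11 ;;                      # fixed in 6.3.11
        4) fix=1 ;;                       # fixed in 6.4.1
        *) echo not-affected; return 0 ;;
    esac

    if [ "$patch" -ge "$fix" ]; then
        echo fixed
    else
        echo affected
    fi
}

# Report on the running kernel
echo "$(uname -r): $(stackrot_status "$(uname -r)")"
```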
