Security Architecture, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Patched Linux bugs nix Spectre mitigations

Oracle Co-Founder Larry Ellison delivers a keynote address at the Oracle OpenWorld conference in 2006. Kaspersky researchers recently discovered a new file-encrypting Trojan built as an executable and linkable format (ELF) that encrypts data on machines controlled by Linux-based operating systems.(Justin Sullivan/Getty Images)

Two Linux bugs patched this month could allow hackers to sidestep mitigations for the infamous Spectre vulnerability.

"If left unpatched, the vulnerabilities mean that existing Spectre protections will not be sufficient to prevent some exploitation techniques," wrote Symantec in a blog post.

Spectre is a flaw in speculative execution in Intel, ARM and AMD processors that first came to light in 2018. The vulnerability could ultimately reveal the contents of memory.

Patches for CVEs 2020-27170 and 2020-27171, both disclosed by Symantec's Piotr Krysiuk, published on March 17, and versions of Linux available on March 20 contain the patch.

According to Symantec's write up, the two vulnerabilities stem from Berkeley Packet Filters intended to catch Spectre attacks that prove insufficient. CVE-2020-27170 allows hackers to obtain any content stored in kernel memory, including sensitive data, while CVE-2020-27171 allows similar access in a four gigabyte range of kernel memory.

"The most likely scenario where these vulnerabilities could be exploited is in a situation where multiple users have access to a single affected computer – as could be the case in workplace situations etc.," wrote Symantec. "In this scenario, any of the unprivileged users could abuse one of the identified vulnerabilities to extract contents of the kernel memory to locate secrets from other users."

Symantec noted, however, that hackers could also use the vulnerabilities with a prior step including installing malware.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.