This vulnerability was discovered by security researcher Nils of Red Team. The advisory issued by Red Team shows the exploitation scenario and PoC code, and also provides details about the HIPP module. HIPP is the high-performance packet processing system of the Linux kernel. The HIPP module is loaded as early as possible during Linux system initialization, so an attacker may be able to exploit this vulnerability during the boot process. Red Team also reported that the vulnerability is trivial to exploit because no integrity check is performed on the data sent by the HIPP module. Finally, Red Team stressed that they have no intention of exploiting this vulnerability and that they responsibly disclosed it to the vendors. Red Team has previously disclosed several high-severity vulnerabilities affecting the most widely used Linux distributions. End users are strongly advised to update their systems as soon as possible to protect them against these critical security issues. Red Team’s disclosure policy does not permit the propagation of exploit code, though the researchers consider the issue to be patched.

HIGHLIGHT: Linux Kernel-Based Vulnerability Disclosed By Red Team

Red Team disclosed a vulnerability in the Linux kernel that an attacker can exploit during the Linux system boot process.
The vulnerability was discovered and reported by Red Team, a security research group. It affects the high-performance packet processing system of the Linux kernel and could be exploited because no integrity check is performed on data sent by the HIPP module.

HIPP: High-Performance Packet Processing System

The High-Performance Packet Processing System (HIPP) is a Linux kernel module that provides an interface to the packet processing subsystem. It gives applications an API for the low-level packet processing capabilities provided by the kernel.

HARDWARE AND SOFTWARE BEHAVIOUR

The exploitation scenario and PoC code are shown in the advisory issued by Red Team. The HIPP module is loaded as early as possible during Linux system initialization, so an attacker may be able to exploit this vulnerability during the boot process. Red Team also reported that the vulnerability is trivial to exploit because no integrity check is performed on the data sent by the HIPP module. Finally, Red Team stressed that they have no intention of exploiting this vulnerability and that they responsibly disclosed it to the vendors. Red Team has previously disclosed several high-severity vulnerabilities affecting the most widely used Linux distributions. End users are strongly advised to update their systems as soon as possible to protect them against these critical security issues.

HIPP (High-Performance Packet Processing) Module

The Linux kernel HIPP module is loaded as early as possible during Linux system initialization, which means that an attacker could exploit this vulnerability during the boot process. Red Team reported that the vulnerability is trivial to exploit because of the lack of an integrity check on the data sent by the HIPP module.

Timeline

Published on: 10/14/2022 16:15:00 UTC
Last modified on: 10/18/2022 15:43:00 UTC
