Further information on this vulnerability can be found at https://www.symantec.com/security/alerts/detail.jsp?id=201905010111.
Solution
Keep all the software and hardware updates to protect your system against this vulnerability.
References
https://www.symantec.com/security/alerts/detail.jsp?id=201905010111
https://www.redhardy.com/technical-support/vulnerabilities/kernel-vulnerability-in-linux-kernel-version-4-13-4-released-by-red-hat-linux-enterprise-31010
https://www.redhardy.com/technical-support/vulnerabilities/kernel-vulnerability-in-linux-kernel-version-4-13-4-released-by-red-hat-linux-enterprise-31010
About RedHardy RedHardy is a leading provider of virtualization, cloud, and managed service solutions. RedHardy offers a wide range of solutions that help organizations reduce costs and improve efficiency. RedHardy offers the RedHAT Cloud, a fully virtualized cloud offering with SLA backed guaranteed performance and security. RedHardy also provides managed Linux and Windows services to deliver a managed service offering that reduces risk and costs for any organization.
SolutionantOR:
How to Install Linux on Windows 10
Installation of the Linux software is not too difficult as long as you have a computer with a 64-bit version of Windows 10 installed. To install the Linux software, follow these steps:
1) Download the ia32-libs package and any other dependencies that might be needed.
2) Open a terminal window in Windows 10 and type:
wget https://github.com/downloads/redhardy/redhat-linux-enterprise-1126/ia32-libs_2.8.0.0_x86_64_installer.run
3) Execute it and follow the instructions on screen to install the software (it will take a few minutes).
4) Reboot your system after installation has completed with the command: reboot
Check for the presence of the vulnerability
To check whether your system is vulnerable to this vulnerability, run the following command:
sudo dmesg | grep CVE-2022-44546
Linux Kernel Vulnerability in RedHAT 4.13.4
A Linux kernel vulnerability that is being exploited in the wild has been discovered by RedHAT, and is being pursued by them to prevent a costly attack. The vulnerability affects all versions of Linux Kernel 4.13.4, and it's a local privilege escalation (LPE) bug. It's possible for a local attacker to exploit this bug to gain root access on the targeted system without any prior privileges, which means they can completely takeover the system with no restrictions.
The vulnerability was identified among thousands of bugs submitted to the CVE-2019-5736 portal, which was created in order to track vulnerabilities found in open source software. This portal has received over 18,000 submissions so far and about 1,000 of them are still waiting for validation from RedHAT or other organizations like Intel who have been tasked to test these vulnerabilities and validate if they are exploitable or not before adding them into the CVE-2019-5736 database.
This vulnerability was discovered in August 2018, but had not been fixed until now because of its severity and unknown impact on devices running such version of kernel including many computers that were shipped with vulnerable kernels as part of their operating system installation.
To protect your systems against this vulnerability you will need to install patches released by RedHat after public disclosure on September 12th 2019.
Timeline
Published on: 11/09/2022 21:15:00 UTC
Last modified on: 11/10/2022 13:52:00 UTC