I'm wondering is it possible to harm kernel (by injecting shared library, loadable module or something like that) without root. If yes, how hackers can achieve it?
Asked
Active
Viewed 126 times
0
-
2Unless there is a bug you can't do. But [bugs happen](http://seclists.org/oss-sec/2017/q1/471). – Steffen Ullrich Feb 23 '17 at 19:03
-
1Look up cpu rings. There are some hardware protections that limit the behavior of certain types of software. – Alex Feb 23 '17 at 19:35
1 Answers
1
There's not supposed to be any way for unprivileged users to modify the running kernel. The two ways that such an attack could happen are either to first exploit a bug in a privileged service or setuid binary to give them root (such as CVE-2010-1646, the secure path vulnerability in sudo), or to exploit a bug in the kernel itself (such as CVE-2017-6074, the DCCP double-free vulnerability).
Joseph Sible-Reinstate Monica
- 7,110
- 3
- 21
- 35