Hello everyone,

At the moment, there are reports about unfixed privilege escalation vulnerabilities in the GSM kernel module (n_gsm) in the tech news. This kernel module is shipped with Debian by default. Two security researchers both claim credit for their discovery [1][2]. Neither researcher names any CVE numbers. The Openwall discussion names several CVE numbers: CVE-2023-6546 and CVE-2023-52564. It is not clear to me whether it is one or multiple vulnerabilities.

However, many Linux users and admins are worrying but cannot find workarounds or recommendations from a trusted source. A proposed fix was published, but has already been called ineffective by security researchers [3].

After some research and discussion with Moritz Mühlenhoff, I believe it is sufficient to blacklist [4] the n_gsm module. To achieve this, create a file /etc/modprobe.d/n_gsm.conf with the following content:

    blacklist n_gsm
    install n_gsm /bin/true

For anyone who does not use GSM on their server or workstation, this probably does not have any downsides.

Best regards
Stephan

[1] https://github.com/YuriiCrimson/ExploitGSM
[2] https://jmpeax.dev/The-tale-of-a-GSM-Kernel-LPE.html
[3] https://www.openwall.com/lists/oss-security/2024/04/12/1
[4] https://wiki.debian.org/KernelModuleBlacklisting
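The mitigation from the message above, as an added example that is not part of Stephan's post or of Debian's own tooling: a small POSIX shell script that writes the modprobe.d file with exactly the two lines given, checks lsmod output for an already-loaded n_gsm, and confirms via modprobe --showconfig that the configuration is honoured. The CONF_PATH override, the function names and the sample lsmod lines are assumptions made for this example so it can be exercised outside a real host.

```shell
#!/bin/sh
# Added example, not part of the original post: apply and verify the
# n_gsm blacklist described in the message.

# Assumption: CONF_PATH may be overridden (for testing in a temp dir);
# the default is the path named in the post.
CONF_PATH="${CONF_PATH:-/etc/modprobe.d/n_gsm.conf}"

# The exact file content from the post.
# "blacklist" only stops alias-based autoloading; the "install ... /bin/true"
# line additionally turns any explicit or on-demand load request into a no-op.
n_gsm_blacklist_content() {
    printf 'blacklist n_gsm\ninstall n_gsm /bin/true\n'
}

# Write the configuration to $1 (defaults to CONF_PATH).
write_n_gsm_blacklist() {
    target="${1:-$CONF_PATH}"
    n_gsm_blacklist_content > "$target"
}

# Read lsmod-style lines ("name size used_by") from stdin and return 0
# if the module named $1 is present in the first column.
module_loaded_in() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit found ? 0 : 1 }'
}

# Host checks (run as root): the blacklist only affects future loads, so an
# already-loaded n_gsm must be removed explicitly; modprobe -r fails if a
# tty is still using the n_gsm line discipline.
check_host() {
    if lsmod | module_loaded_in n_gsm; then
        echo "n_gsm is currently loaded; unloading it"
        modprobe -r n_gsm
    fi
    # --showconfig prints the effective blacklist/install directives,
    # which confirms modprobe actually picked up the new file.
    modprobe --showconfig | grep -E '^(blacklist|install) n_gsm'
}

# Usage (as root): sh this_script.sh apply
if [ "${1:-}" = "apply" ]; then
    write_n_gsm_blacklist
    check_host
fi
```

Note that with /bin/true a load request for n_gsm reports success while nothing is loaded, which is what the post recommends; the lsmod check matters because a module loaded before the file was written stays loaded until it is removed or the machine reboots.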