Serious Linux kernel error found in RDS

Linux systems running kernels before 5.0.8 need patching following news of a serious flaw that could be exploited remotely.

According to the NIST advisory, CVE-2019-1181 is a race condition affecting the kernel's rds_tcp_kill_sock in net/rds/tcp.c, "leading to a use-after-free, related to net namespace cleanup."

The RDS bit refers to systems running the Reliable Datagram Sockets (RDS) for the TCP module, which means that only systems running applications that use this are affected.
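The two conditions above (a kernel before 5.0.8 and the RDS-over-TCP module in use) can be triaged on a host with a short script. This is an added example, not code from the advisory or from any vendor; the function names are hypothetical, and it assumes the module appears as `rds_tcp` in `/proc/modules`.

```shell
#!/bin/sh
# Added example: exposure triage for the RDS-over-TCP flaw described above.
# Fixed version comes from the article: kernels before 5.0.8 are affected.
# Assumption: upstream version numbers only. Distro kernels often backport
# fixes without changing x.y.z, so confirm an "exposed" verdict with the
# vendor's advisory.
FIXED="5.0.8"

# version_lt A B: succeed when kernel release A sorts before version B.
# Only the leading numeric x.y.z of A is used ("4.15.0-50-generic" -> "4.15.0").
version_lt() {
    a=$(printf '%s\n' "$1" | sed 's/^\([0-9][0-9.]*\).*/\1/; s/\.$//')
    b=$2
    [ "$a" = "$b" ] && return 1
    # Numeric per-field sort, so 5.10.0 correctly sorts after 5.0.8.
    first=$(printf '%s\n%s\n' "$a" "$b" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$first" = "$a" ]
}

# rds_tcp_loaded [FILE]: succeed when the rds_tcp module is listed.
# FILE defaults to /proc/modules; a saved copy can be passed for offline review.
rds_tcp_loaded() {
    grep -q '^rds_tcp ' "${1:-/proc/modules}" 2>/dev/null
}

# assess RELEASE [FILE]: print one of
#   not-affected       kernel is 5.0.8 or later
#   exposed            older kernel and rds_tcp currently loaded
#   module-not-loaded  older kernel, rds_tcp not loaded at the time of the check
assess() {
    release=$1
    modules=${2:-/proc/modules}
    if ! version_lt "$release" "$FIXED"; then
        echo "not-affected"
    elif rds_tcp_loaded "$modules"; then
        echo "exposed"
    else
        echo "module-not-loaded"
    fi
}

# Check the running host.
assess "$(uname -r)"
```

A `module-not-loaded` result reflects only the moment of the check, so an older kernel still needs the update.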

The striking part is that this opens unpatched systems to remote compromise and denial of service without the need for system privileges or user interaction.

On the other hand, the attack complexity is described as 'high', and such an attack would have to be initiated from the local network. That explains why it has received a CVSS 3.0 impact score of 5.9 with an exploitability score of just 2.2.

We get some clues as to the complexity required for exploitation in comments added to Red Hat's advisory, which says that the attacker "needs to manipulate the socket status while a network namespace is being broken." So, not easy then.