Check Point fixes a 20-year-old Linux security issue
For around two decades now, hackers have exploited the design of the memory management system used by Linux programs in order to take control of a target's computer.
Now though researchers at Check Point have introduced a new security mechanism for Linux users called 'safe-linking' which means attackers will need more than one vulnerability in order to take over the program.
Safe-Linking protects a simple data structure called a 'single-linked-list', this is a list of elements in which one element points at the next element and so on until the end of the list is reached. The safe-linking method masks the arrow, the pointer from one element to another, using a secret value. Without this value, attackers can't change the memory to modify the stored pointer. So an attacker will need to design their attack based on a secret that is stored in memory, which will have to leak before they can launch their attack. This enhances security because memory leak vulnerabilities are hard to find.
"What I find interesting is that we managed to bridge the gap between the world of vulnerabilities to the world of software development," says Check Point's technology lead, Eyal Itkin. "While exploit developers have been aware of this problem for many years now, the developers of the libraries weren't aware of a problem -- so nothing got fixed. By giving developers the feedback, along with an idea for a fix, we managed to close this issue once and for all. Linux users should be aware of this update and make sure they switch to using the most updated version of their standard library, once it gets released."
You can read more about the fix on the Check Point blog.