5 Common Linux Security Vulnerabilities

There is no open source community quite as large and dedicated as Linux, but even then, it would be unwise to think that the OS is impenetrable. Since its inception in the early 90s, the Linux operating system has experienced its share of vulnerabilities, some of which could still pose a threat to your system today.

Even with current counts of over 15,000 developers from more than 1,400 companies, including IT giants Microsoft and Samsung, adding to the 24 million lines of code making up its kernel, Linux still has its shortcomings.

Many outdated third-party software programs create holes in Linux systems that are easily exploited. Unauthorized entry into unsecured systems can be gained by exploiting outdated MySQL, OpenSSL, VNC, PHP and Apache software, especially over an unstable network.

Poor data backup practices among Linux admins are leading to an unprecedented rise in data loss following critical system failures. Many organizations running Linux simply neglect to back up the entire operating system and instead prefer to keep basic copies of its files. The running myth is that Linux-based systems are secure to the point of being perpetually non-critical.

Poor password enforcement is sadly becoming a habit witnessed among Linux admins, who are often lax when it comes to forming usernames and passwords that are not so easy to decipher.

Patches have become bread and butter for systems like Windows, which is why it is surprising that the more secure Linux doesn’t share the same level of patch management. This sort of deliberate neglect leaves many Linux systems exposed to vulnerabilities that can be exploited even with the Metasploit tool, which can now be used to hack into Android systems.

Linux lacks the same level of fortitude seen with some other systems, a fact that is painfully obvious because many core services are available to anyone with access to the system. Intercepted communications, exposed sensitive files and user account infiltration are some of the potential outcomes of an attack on any Linux system due to easy penetration.

These shortcomings have led to vulnerabilities within the system, and while the majority of them have been patched, some remain a nagging thorn in the side of the developers.

These are some of the top vulnerabilities that have plagued various Linux operating systems:

  1. CVE-2017-18202

With a high critical vulnerability score, this is one of the most persistent weaknesses in the Linux system.

The vulnerability can be found in the mm/oom_kill.c file, which is responsible for killing processes when memory runs low. Linux versions before 4.14.4 are susceptible to this vulnerability, which can be exploited to trigger a copy_to_user call, cause a Denial of Service (DoS) attack, or force the component to handle gather files incorrectly.

Fortunately, the Linux team has addressed this vulnerability, and the fix can be found here.

  2. CVE-2018-8822

This vulnerability mostly affects Linux versions with the NCPFS implementation. The vulnerability causes the system to neglect checks on user-data and validation of server replies.

When it is exploited, hackers can cause memory corruption and DoS attacks through remote code execution. It affects versions 4.15.11 through to some components of versions 4.16-rc6.

  3. CVE-2017-18017

The main function of this component is to filter network communications, specifically by defining the maximum size of the segment when accepting TCP headers. It resides in the Linux kernel and controls the flow of communications.

The vulnerability within it allows hackers to flood a compromised system with enough communications to knock it offline with a simple DoS attack. Being a kernel-level vulnerability, it has a bigger overall impact on the system’s foundation. Linux versions before 4.11 and 4.9.36 are listed as affected.

  4. CVE-2017-15126

Known otherwise as a use-after-free vulnerability, this bug can be used to execute arbitrary code, and in some cases, it can support full remote code execution. Versions before 4.13.6 contain this vulnerability in the fs/userfaultfd.c component, which is tasked with the handling of fork failure when it comes to event messages.

It can be exploited to execute arbitrary code within the kernel, with failed exploitation attempts resulting in DoS.

  5. CVE-2018-1000026

This vulnerability is known as an insufficient input validation bug that affects the bnx2x network card driver in Linux kernel versions from 4.8 onward. The vulnerability can be most easily exploited using a large special packet that can launch a DoS attack on the network card, knocking it offline.


As vigilant as the open source community is when it comes to these vulnerabilities, the first line of defense against hackers is you. It’s important to keep yourself aware of the latest patches and updates on your system, to avoid negative impacts from these vulnerabilities.
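A first-pass triage of the five entries above, as an added example that is not part of the original article: it compares a kernel release string with the version ranges the article lists and checks /proc/modules for the ncpfs and bnx2x components it names. The function names and the reading of the ranges are assumptions of this example: 4.16 release candidates are not distinguished from 4.16 final, and CVE-2018-1000026 has no upper bound because the article gives no fixed version.

```python
import platform
import re

# Affected ranges as the article states them: (low, high) means
# low <= kernel < high, None means unbounded. The module is the component
# the article names. The reading of the ranges is this example's assumption.
AFFECTED = {
    "CVE-2017-18202": ([(None, (4, 14, 4))], None),
    "CVE-2018-8822": ([(None, (4, 16, 0))], "ncpfs"),  # -rc not distinguished
    "CVE-2017-18017": ([(None, (4, 9, 36)), ((4, 10, 0), (4, 11, 0))], None),
    "CVE-2017-15126": ([(None, (4, 13, 6))], None),
    "CVE-2018-1000026": ([((4, 8, 0), None)], "bnx2x"),  # no fixed version given
}

def parse_kernel(release):
    """Turn a `uname -r` string such as '4.9.30-generic' into (4, 9, 30)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(part or 0) for part in m.groups())

def loaded_modules(path="/proc/modules"):
    """Names of loaded modules; built-in drivers do not appear here."""
    try:
        with open(path) as fh:
            return {line.split()[0] for line in fh if line.strip()}
    except OSError:
        return set()

def triage(release, modules):
    """Map each CVE whose listed range covers `release` to a status string."""
    version = parse_kernel(release)
    findings = {}
    for cve, (ranges, module) in AFFECTED.items():
        hit = any((lo is None or version >= lo) and (hi is None or version < hi)
                  for lo, hi in ranges)
        if not hit:
            continue
        if module and module not in modules:
            findings[cve] = f"in range, {module} not loaded"
        else:
            findings[cve] = "in range"
    return findings

if __name__ == "__main__":
    for cve, status in triage(platform.release(), loaded_modules()).items():
        print(f"{cve}: {status} (confirm against your distribution's advisory)")
```

Distribution kernels often carry backported fixes without changing the upstream version number, so a hit here is a prompt to check the vendor advisory for that CVE, not proof that the system is vulnerable.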


Sophie is a marketing specialist at Security Gladiators. A writer by day and a reader by night, she is specialized in tech and cybersecurity. When she is not behind the screen, Sophie can be found playing with her dog.
