Linux Kernel Console Keyboard Mapping Vulnerability

Filed under
Linux

Rudolf Polzer has reported a vulnerability in the Linux Kernel, which potentially can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the way console keyboard mapping is handled. Successful exploitation allows malicious console users to inject arbitrary shell commands into certain key mappings.

The vulnerability has been reported in Kernel 2.6. Other versions may also be affected.

Full Advisory.