Recently, security researcher Chris Evans released a well-written exploit that uses rather unusual methods to exploit a memory corruption vulnerability in GStreamer.
Two protections built into Linux are relevant here: address space layout randomization (ASLR) and data execution prevention (DEP, also known as NX or No-Execute). DEP marks data regions such as the stack and heap as non-executable, so an exploit cannot simply write machine code into memory and jump to it. ASLR randomizes where the stack, heap and shared libraries are placed each time a program runs, so an exploit cannot rely on fixed addresses; a wrong guess typically crashes the program rather than compromising it.
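What DEP actually enforces is easy to see in a few lines of C. The following is an added example, not code from the original article or from the exploit it describes: a six-byte function (`mov eax, 42; ret`, with an equivalent encoding for AArch64) is copied into an anonymous mapping and called once while the page is readable and writable but not executable, and once more after `mprotect()` has added `PROT_EXEC`. Under DEP the first call faults with `SIGSEGV` (caught here with `sigsetjmp`/`siglongjmp` so the process survives) and the second returns 42. It assumes Linux on x86-64 or AArch64 with NX enabled, which is the normal configuration on a distribution such as Fedora 24; on a kernel or emulator that does not enforce NX the first call would succeed too.

```c
/* Added example (not from the original article or from the exploit it
 * describes): demonstrates DEP/NX by executing the same bytes from a
 * writable-but-not-executable page and from an executable page.
 * Assumes Linux on x86-64 or AArch64 with NX enabled. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

/* SIGSEGV handler: jump back to try_execute() instead of dying. */
static void on_fault(int sig)
{
    (void)sig;
    siglongjmp(fault_env, 1);
}

/* Machine code for `int f(void) { return 42; }`. */
#if defined(__x86_64__)
static const unsigned char code[] = {
    0xb8, 0x2a, 0x00, 0x00, 0x00,   /* mov eax, 0x2a */
    0xc3                            /* ret           */
};
#elif defined(__aarch64__)
static const unsigned char code[] = {
    0x40, 0x05, 0x80, 0x52,         /* mov w0, #42   */
    0xc0, 0x03, 0x5f, 0xd6          /* ret           */
};
#else
#error "example provides machine code for x86-64 and AArch64 only"
#endif

/* Copies `code` into a fresh page, sets the page protection to `prot`
 * and tries to call it. Returns 42 if the call executed, -1 if the CPU
 * refused to execute the page (DEP/NX in action), -2 on mmap/mprotect
 * failure (e.g. a policy that forbids RWX mappings). */
int try_execute(int prot)
{
    long page = sysconf(_SC_PAGESIZE);
    /* Map RW first so the bytes can be written, then switch to the
     * requested protection. Obtaining PROT_EXEC on attacker-controlled
     * bytes is exactly the step DEP is designed to deny an exploit. */
    unsigned char *p = mmap(NULL, page, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -2;
    memcpy(p, code, sizeof code);
    __builtin___clear_cache((char *)p, (char *)p + sizeof code);
    if (mprotect(p, page, prot) != 0) {
        munmap(p, page);
        return -2;
    }

    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);

    int result;
    if (sigsetjmp(fault_env, 1) == 0) {
        int (*fn)(void) = (int (*)(void))p;
        result = fn();   /* faults here if the page is not executable */
    } else {
        result = -1;     /* arrived via on_fault(): execution was denied */
    }

    sigaction(SIGSEGV, &old, NULL);
    munmap(p, page);
    return result;
}

int main(void)
{
    printf("RW  page: %d\n", try_execute(PROT_READ | PROT_WRITE));
    printf("RWX page: %d\n", try_execute(PROT_READ | PROT_WRITE | PROT_EXEC));
    return 0;
}
```

The point of the two calls is the asymmetry: the bytes never change, only the page permissions do. That is why DEP bypasses do not "disable" the protection but instead reuse code that is already executable (for example to reach `mprotect` or `mmap` with the right arguments), and why ASLR matters so much: without knowing where that existing code lives, the exploit cannot reach it.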
The exploit in question was written specifically for the Linux distribution Fedora 24 and defeats both ASLR and DEP. To be more specific, it targets the GStreamer framework with carefully arranged input data that works around the two protections. Note that an attacker cannot switch such mitigations off; they are bypassed, typically by learning or inferring the randomized addresses at runtime and by reusing code that is already executable instead of injecting new code, which is what makes the result look as if ASLR and DEP had been disabled.
The exploit was released as a FLAC file. It triggers the GStreamer vulnerability through the Rhythmbox and Totem media players, both of which rely on GStreamer for decoding. Because the published file is tuned to the memory layout of Fedora 24, it only works against users who play media on that platform and does not work as-is on other Linux distributions. That does not make other distributions safe, however: the vulnerability is in GStreamer itself, which they also ship, so only the Fedora-specific details of the exploit would need to change.
Still, an exploit like this demonstrates that ASLR and DEP raise the cost of exploitation rather than make a memory corruption bug unexploitable, and publishing the technique in this much detail moves the state of Linux desktop security forward.
Source:
Digital Trends (http://www.digitaltrends.com/computing/linux-researcher-releases-linux-exploit-attacks-fedora/)
Scary Beasts Security (https://scarybeastsecurity.blogspot.rs/2016/11/0day-exploit-advancing-exploitation.html)