The Linux kernel team has released a patch to fix a security bug that could allow an attacker to execute code with elevated privileges.

The issue — tracked as CVE-2017-15265 — is a use-after-free memory corruption issue that affects ALSA (Advanced Linux Sound Architecture), a software framework included in the Linux kernel that provides an API for sound card drivers.

In layman's terms, the bug takes place because the kernel ALSA code allowed an attacker to call a function, delete its output, but still use the output in another function. This is known as a user-after-free vulnerability, a known attack vector, and a common memory management issue.

ALSA developers provide an in-depth explanation for the bug and patch in the ALSA mailing list. Venustech ADLab (Active-Defense Lab) researchers discovered the bug.

Bug requires local access but provides root access

There are good news and bad news. The good news is that the attacker needs a foothold on a vulnerable machine.

This requires infecting the user through malware or other tactics. The bad news is that the attacker can use the ALSA kernel flaw to elevate access from a limited user account to root privileges.

The Linux kernel team has fixed the issue in v4.13.4-2, and the patch is currently trickling down to the multitude of Linux distros, such as Red Hat, Debian, Ubuntu, Suse, and others.

Torvalds on fuzzing: Very nice to see.

In unrelated news, Linus Torvalds has praised the Linux community's efforts of using fuzzing to discover and help patch new security issues.

"The other thing perhaps worth mentioning is how much random fuzzing people are doing, and it's finding things," Torvalds said.

"We've always done fuzzing (who remembers the old 'crashme' program that just generated random code and jumped to it? We used to do that quite actively very early on), but people have been doing some nice targeted fuzzing of driver subsystems etc, and there's been various fixes (not just this last week either) coming out of those efforts.

"Very nice to see," Torvalds added.

Several security issues have been found and patched in the Linux kernel in the past year thanks to fuzzing [1, 2, 3].