PRUEBA AHORA

Linux «StackRot» Kernel Vulnerability Audit

Operating System Security Vulnerability

Discover Linux Devices Vulnerable to CVE-2023-3269 «StackRot»

Linux has released a security update to address the StackRot vulnerability that affects Linux kernel versions 6.1 through 6.4. The bug can be triggered with minimal capabilities and allows a user to compromise the kernel and elevate privileges. So far there are no signs of the flaw being exploited in the wild. Full details about the issue along with a complete exploit code are expected to be made public by the end of the month. The issue has been fixed in stable versions 6.1.37, 6.3.11, and 6.4.1 as of July 1. All users are advised to update any vulnerable devices as soon as possible. You can find more information in our Linux «StackRot» Vulnerability blog post.

To help you locate vulnerable Linux devices, the report below will give you an overview of all devices running versions 6.1 through 6.4. This way you have an actionable list of installs that may need your intervention.

 

Linux "StackRot" Kernel Vulnerability Audit Lansweeper On-Prem Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.osrelease,
tblLinuxSystem.kernelrelease,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
inner join tblLinuxSystem on tblLinuxSystem.AssetID = tblassets.AssetID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where (tblLinuxSystem.kernelrelease like '6.1%'
or tblLinuxSystem.kernelrelease like '6.2%'
or tblLinuxSystem.kernelrelease like '6.3%'
or tblLinuxSystem.kernelrelease like '6.4%')
and tblState.Statename = 'Active'
Order By tblAssets.Domain,
tblAssets.AssetNameCopied!

Show

Hide