May 6, 2021

Two-Year-Old Linux Backdoor Found

Links:

  • https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html
  • https://threatpost.com/linux-kernel-bug-wider-cyberattacks/165640/
  • https://www.zdnet.com/article/linux-kernel-vulnerability-exposes-stack-memory/
  • https://www.youtube.com/watch?v=6d7EN1tbxQY&t=359s


└─$ ./kvi-cli.py cve 2020-28588 -crsz


 [*] Searching cve-[['2020-28588']] vulnerability definitions within Kenna.VI+....


[ CVE Description ]
 [*] CVE_ID   : CVE-2020-28588
 [*] CVE_Desc : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

 [*] Vuln_Risk          : 25.0
 [*] Exploited [Trend]  : 0 [holding]
 [*] Exploit/likelihood : False None
 [*] C:2020-11-13 / P:[None] / L:[None]

[ Links / References ]
 [*] Exploits :
     [ --> ] None
 [*] Fixes :
     [ --> ]  external_id : ubuntu-cve-2020-28588
     [ --> ]          url : None
     [ --> ]      product : None
     [ --> ] published_at : 2021-02-25T00:00:00Z

     [ --> ]  external_id : 198279
     [ --> ]          url : https://usn.ubuntu.com/4750-1/
     [ --> ]      product : None
     [ --> ] published_at : 2021-03-15T13:25:49Z

     [ --> ]  external_id : 198280
     [ --> ]          url : https://usn.ubuntu.com/4751-1/
     [ --> ]      product : None
     [ --> ] published_at : 2021-03-15T13:25:49Z

     [ --> ]  external_id : 198281
     [ --> ]          url : https://usn.ubuntu.com/4752-1/
     [ --> ]      product : None
     [ --> ] published_at : 2021-03-15T13:25:49Z

     [ --> ]  external_id : 159135
     [ --> ]          url : https://linux.oracle.com/errata/ELSA-2021-9140.html
     [ --> ]      product : None
     [ --> ] published_at : 2021-04-05T13:40:50Z

     [ --> ]  external_id : 159136
     [ --> ]          url : https://linux.oracle.com/errata/ELSA-2021-9141.html
     [ --> ]      product : None
     [ --> ] published_at : 2021-04-05T13:40:50Z

     [ --> ]  external_id : oracle_linux-cve-2020-28588
     [ --> ]          url : None
     [ --> ]      product : None
     [ --> ] published_at : 2021-02-25T00:00:00Z

 [*] Malware :
     [ --> ] None
 [*] Threat Actors :
     [ --> ] None
 [*] CVSS 2.0 [Base/Exploit/Impact/Temporal] : None [ None/None/None/None ]
 [*] CVSS 3.0 [Base/Exploit/Impact/Temporal] : None [ None/None/None/None ]

 [*] Malware Family Info : None
 [*] CVE_Chatter_Info    : 3

[ CVE History : CVE-2020-28588 ]
 [*] ID              : 2514717
 [*] Vuln Risk Score : 25
 [*] History         : 0

[ High_Profile_Vulnerability ]
 [!!!]   CVE-2020-28588 : [  25.00 ] []


 ** [5] threads completed [4 tasks] / [3.53 KB] within [7.95 sec].