Linux Kernel Can Be Exploited Remotely; Kernel Prior To 5.0.8 Affected. We keep coming across various security loopholes in different software on a daily basis, but it rarely happens that Linux kernel gets crippled by a high-impact flaw. However, things are looking a bit different today as millions of Linux systems have been found to be affected by a massive flaw.
It’s being reported that the kernel versions prior to 5.0.8 are affected by a race condition vulnerability. For those who aren’t aware, race condition attacks take place when a system designed to perform tasks in a particular sequence is made to perform two or more operations simultaneously. During this state, interference could be caused by a trusted/untrusted process.
In the case of Linux kernels prior to 5.0.8, the race condition flaw was discovered in rds_tcp_kill_sock in net/rds/tcp.c. “There is a race condition leading to a use-after-free, related to net namespace cleanup,” mentions the CVE description of the flaw.
Linux Kernel Can Be Exploited Remotely; Kernel Prior To 5.0.8 Affected
It’s worth noting that on the NIST database, this CVE-2019-11815 vulnerability is listed with a high impact score of 5.9. However, as this flaw is difficult to exploit, it’s been given a low exploitability score of 2.2; the overall base score is 8.1.
For further information, you can also refer to the security advisories from different Linux distributions: Debian, Red Hat, SUSE, Ubuntu.
Hackers can launch attacks on Linux machines using specially created TCP packets to execute arbitrary code.
It’s worth noting that the flaw has already been fixed during late-March with the release of Linux kernel 5.0.8. So, you’re advised to update your kernel as soon as possible and install the patch.
Related Videos:
Related Posts:
Cybersecurity burnout: 10 most stressful parts of the job(Opens in a new browser tab)
B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers(Opens in a new browser tab)
Who is this Android App Development course for?(Opens in a new browser tab)
It’s Almost Impossible to Tell if Your iPhone Has Been Hacked(Opens in a new browser tab)
Python 3 Object Oriented Programming(Opens in a new browser tab)
WhatsApp hacked after attackers install spyware on people’s phone(Opens in a new browser tab)
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution(Opens in a new browser tab)
Learn about JavaScript IF STATEMENTS(Opens in a new browser tab)
Learn about JavaScript ELSE STATEMENTS(Opens in a new browser tab)
Windows 10 gets Arch Linux, one of the trickiest distros around(Opens in a new browser tab)
Introduction to JavaScript – Variables: String Interpolation(Opens in a new browser tab)
CODING WITH CSS: The style attribute(Opens in a new browser tab)
Introduction to JavaScript – Control Flow: if/else Statements(Opens in a new browser tab)
Introduction to JavaScript – Variables: String Interpolation II(Opens in a new browser tab)
Fake Google reCAPTCHA used to hide Android banking malware(Opens in a new browser tab)
How to make a Go-Back Input button with inline JavaScript(Opens in a new browser tab)
GitHub’s and more best FREE guides for Python developers(Opens in a new browser tab)
Kodi-04-2019 No Limits Wizard Magic Build for Kodi 18 Leia(Opens in a new browser tab)
What is the Python Software Foundation?(Opens in a new browser tab)
