web analytics

Patch alert! Easy-to-exploit flaw in Linux kernel rated ‘high risk’

Urgent security triage needed

 

By John Leyden 28 Sep 2017
 
Linux penguin canape... snacks. Photo by SHutterstock

 

A flaw has been found in the way the Linux kernel loads ELF files.

 

If a malicious program is built as a Position Independent Executable (PIE), the loader can be exploited to map part of that application’s data segment over the memory area reserved for its stack. This can result in memory corruption and possible local privilege escalation.

 

Red Hat and Debian are among Linux distros affected by the CVE-2017-1000253 vulnerability, which was discovered by cloud security firm Qualys.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico