Code Execution Bug in Linux Kernel puts Every System at Risk

Almost every Linux system and servers running kernel prior to 5.0.8 are affected by a race condition vulnerability leading to remote code execution on the vulnerable systems.

The security flaw found in Linux kernel's rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to trigger denial-of-service (DoS) states and leads to post exploit the systems.

To exploit the bug an attackers just needs to send a special crafted TCP packets to vulnerable linux machines which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

This bug can also been identified as CVE-2019-11815 and other linux distribution like RedHat, Debian, Ubuntu, SUSE had acknowledge the bug. The bug has been classified as high severity because it can be exploit by an Unauthenticated attackers, but as the exploit is complex which reducex the impact score.

The Linux kernel developers issued a patch for the CVE-2019-11815 issue during late-March and fixed the flaw in the Linux kernel 5.0.8 versionreleased on April 17.

Cyber Kendra

Search Suggest

Code Execution Bug in Linux Kernel puts Every System at Risk

Post a Comment

Pirates Bay Proxy List November 2024: Unblock Pirate Bay

TamilMV Proxy – List of 1TamilMV Proxy Sites

Download ExaGear APK + obb - Windows Emulator for Android

ExtraTorrents Proxy List 2024 [November] To Unblock Extratorrent

How to Download AnyFlip Books to PDF