Code Execution Bug in Linux Kernel puts Every System at Risk
Linux Kernel prone to Remote Code Execution bug
The security flaw found in Linux kernel's rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to trigger denial-of-service (DoS) states and leads to post exploit the systems.
To exploit the bug an attackers just needs to send a special crafted TCP packets to vulnerable linux machines which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.
This bug can also been identified as CVE-2019-11815 and other linux distribution like RedHat, Debian, Ubuntu, SUSE had acknowledge the bug. The bug has been classified as high severity because it can be exploit by an Unauthenticated attackers, but as the exploit is complex which reducex the impact score.
Join the conversation