You can now find Cyber Kendra on Google News | Telegram

Code Execution Bug in Linux Kernel puts Every System at Risk

Linux Kernel prone to Remote Code Execution bug
Almost every Linux system and servers running kernel prior to 5.0.8 are affected by a race condition vulnerability leading to remote code execution on the vulnerable systems.

The security flaw found in Linux kernel's rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to trigger denial-of-service (DoS) states and leads to post exploit the systems.

To exploit the bug an attackers just needs to send a special crafted TCP packets to vulnerable linux machines which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

This bug can also been identified as CVE-2019-11815 and other linux distribution like RedHat, Debian, Ubuntu, SUSE had acknowledge the bug. The bug has been classified as high severity because it can be exploit by an Unauthenticated attackers, but as the exploit is complex which reducex the impact score.

The Linux kernel developers issued a patch for the CVE-2019-11815 issue during late-March and fixed the flaw in the Linux kernel 5.0.8 versionreleased on April 17.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.