Information on a Linux vulnerability was publically disclosed last week, and was widely distributed yesterday.
The CVE-2017-2636 vulnerability affects the majority of popular Linux distributions including Ubuntu, RHEL 6/7, Fedora, SUSE, and Debian.
The vulnerability is in the N_HLDC Linux Kernel driver and can exploit a double free memory bug to allow for escalated privileges on the system.
The vulnerability can be verified using system test calls with google’s syzkaller fuzzer.
All major releases have a security patch available, and the recommendation is to patch as soon as possible.
No comments:
Post a Comment