New generation malware and ways of protection: What you need to know
infosec tweaks

New generation malware and ways of protection: What you need to know

Every day we hear about new attacks by hackers on companies, organizations, and even individuals. The worrying is that the scammers ...
Read More
infosec

Google Play Protect protects your device from malware. Turn it on!

Due to the recent vulnerability of WhatsApp that enabled hackers to remotely install spyware on both ...
Read More
infosec

Hackers stole sensitive NederWoon customer information

A home rental company, NederWoon, has been hit by hackers. Hackers managed to get into the company's systems ...
Read More
infosec

Snapchat: Employees are spying on users with the SnapLion tool

According to a report from the Motherboard, employees of Snap, the company behind Snapchat, use the ...
Read More
infosec

TalkTalk: 4.500 customer bank information was found on the internet

Recently, it has come to light, a case of violation, which has been a matter of concern to us in the past. This is the data leakage ...
Read More
Latest Posts

Vulnerability in Linux Kernel allows remote code execution

VulnerabilityEveryday we hear about the existence of vulnerabilities that can be used by hackers and compromise systems and data. This time, a critical vulnerability has become known Linux Kernel. The truth is that until now we have not heard many incidents of tampering related to this software. Now, however, there seems to be a very critical error that affects millions of Linux systems.

According to the information that is available, vulnerability affects Kernel versions prior to 5.0.8. it is about a race condition vulnerability. Some systems are designed to perform processes with a particular sequence. When there is this vulnerability, two or more actions are started at the same time, so the system does not work properly.

On Linux Kernel versions, the vulnerability was found on rds_tcp_kill_sock on net / rds / tcp.c.

Hackers can use vulnerability to perform a denial-of-service attack. This will enable them to run remote code on vulnerable Linux systems by sending specially processed TCP packets.

This specific vulnerability (CVE-2019-11815) has been rated as critical. It has rated 5,9 as the impact it may have, but it's not easy to use, so when it comes to exploitation, it's rated as 2,2.

Respondents immediately took action to address the issue and released a patch at the end of March. Finally, the bug was fully corrected with the release of Linux Kernel 5.0.8.

Users are advised to install the patch as quickly as possible to keep their system safe.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Comments

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *