Everyday we hear about the existence of vulnerabilities that can be used by hackers and compromise systems and data. This time, a critical vulnerability has become known Linux Kernel. The truth is that until now we have not heard many incidents of tampering related to this software. Now, however, there seems to be a very critical error that affects millions of Linux systems.
According to the information that is available, vulnerability affects Kernel versions prior to 5.0.8. it is about a race condition vulnerability. Some systems are designed to perform processes with a particular sequence. When there is this vulnerability, two or more actions are started at the same time, so the system does not work properly.
On Linux Kernel versions, the vulnerability was found on rds_tcp_kill_sock on net / rds / tcp.c.
Hackers can use vulnerability to perform a denial-of-service attack. This will enable them to run remote code on vulnerable Linux systems by sending specially processed TCP packets.
This specific vulnerability (CVE-2019-11815) has been rated as critical. It has rated 5,9 as the impact it may have, but it's not easy to use, so when it comes to exploitation, it's rated as 2,2.
Respondents immediately took action to address the issue and released a patch at the end of March. Finally, the bug was fully corrected with the release of Linux Kernel 5.0.8.
Users are advised to install the patch as quickly as possible to keep their system safe.