dcsimg
Linux Today: Linux News On Internet Time.





BREAKING - High severity Linux network security holes found, fixed

Mar 03, 2021, 15:00 (0 Talkback[s])
(Other stories by Steven J. Vaughan-Nichols)

This nasty set of bugs can lead to an attacker gaining root access, but the patch is already available.

"Young and rising Linux security developer Alexander Popov of Russia's Positive Technologies discovered and fixed a set of five security holes in the Linux kernel's virtual socket implementation. An attacker could use these vulnerabilities (CVE-2021-26708) to gain root access and knock out servers in a Denial of Service (DoS) attack."

Since then the patch has been merged into mainline kernel version 5.11-rc7 and backported into affected stable trees.

Complete Story