1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Linux kernel flaw endangers millions of PCs, servers and Android devices

Discussion in 'Network World' started by RSS, Jan 19, 2016.

  1. RSS

    RSS New Member Member

    For almost three years, a serious vulnerability in the Linux kernel could have allowed attackers to take full control over Linux-based PCs, servers, Android phones and other embedded devices.

    The flaw, which stems from the kernel's keyring facility, allows applications running under a local user to execute code in the kernel. As a result, an attacker with access to only a limited account on a Linux system can escalate their privileges to root.

    The vulnerability, tracked as CVE-2016-0728, was found and reported to the Linux kernel security team and several Linux distribution maintainers by researchers from an Israeli threat defense start-up called Perception Point.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page