One Article Review
| Source |  Network World |
|---|---|
| Identifiant | 321646 |
| Date de publication | 2017-02-23 07:11:33 (vue: 2017-02-23 07:11:33) |
| Titre | Eleven-year-old root flaw found and patched in the Linux kernel |
| Texte | Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.To read this article in full or to leave a comment, please click here |
| Envoyé | Oui |
| Condensat | 2005 2017 6074 administrators andrey arbitrary article because can click code comment compromise congestion control could cve datagram days dccp developers discovered eleven escalation execute exploit exploited fix flaw found friday full gained google heap here inside introduced kernel konovalov last lead leave likely linux local locally most old over part patched plans please privilege privileged protocol publish read researcher root should spraying support system techniques tracked updates using vulnerability watch week when who year years |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.