A hackers and security researcher found a bug that can exploit a Linux kernel and cause trouble for the user. Three serious Linux kernel security holes were discovered that can crash a computer system.
Three latest kernels were discovered by Philip Pettersson that enable users to have a local remote access and exploit a Linux system. Remote users that have virtual and cloud-based Linux can easily crash the victim’s Linux System and run an arbitrary code as root.
The vulnerable three Linux kernels are CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828. The report was originally posted by Philip Pettersson on Seclists website explaining that CVE-2016-8655 is the worst among the three.
According to ZDNet, the exploitation works when a remote user creates a race condition in “packet_set_ring” function in the Linux kernel. It means that the attacker will perform a series of operations simultaneously in the system instead of the usual successful completion before the other will continue.
Linux Operating Systems that can be exploited include Debian, Fedora, Red Hat Enterprise Linux 7 and the Ubuntu. Meanwhile, the patches are already available for most Linux OS to fix these vulnerabilities and owners are advised to patch their Linux system to avoid further problems.
Submitted by: Arnfried Walbrecht
Comments are closed.