Linux Vulnerability

Linux Kernel Privilege Escalation Vulnerability (CVE-2020-14386) Threat Alert

October 20, 2020

Vulnerability Description

Recently, NSFOCUS detected a privilege escalation vulnerability in the Linux kernel (CVE-2020-14386). An integer overflow exists in the way net/packet/af_packet.c processes AF_PACKET, which leads to out-of-bounds write, thereby escalating privileges. An attacker could exploit this vulnerability to gain system root privileges from unprivileged processes. This vulnerability may affect virtualized products using the Linux kernel, such as OpenShift, Kubernetes, and docker, thus leading to VM escape. Affected users should take preventive measures.

(more…)

Linux Kernel Multiple Remote Denial-of-Service Vulnerabilities Threat Alert

June 25, 2019

Overview

Recently, Red Hat released a security bulletin, pointing out multiple TCP-based remote denial-of-service vulnerabilities in the Linux kernel, namely, a SACK Panic vulnerability of important severity and two other vulnerabilities of moderate severity. (more…)

Linux apt/apt-get Remote Code Execution (RCE) Vulnerability (CVE-2019-3462) Threat Alert

January 28, 2019

Overview

On January 22, 2019, local time, security researcher Max Justicz announced his discovery of a remote code execution (RCE) vulnerability in Linux apt/apt-get. This vulnerability stems from the APT’s failure to properly handle certain parameters involved in HTTP redirects. It can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in remote code execution. (more…)