Vulnerability Description On March 31, the Linux kernel privilege escalation vulnerability demonstrated by the competitor Manfred Paul on the Pwn2Own contest was included in the CVE database and identified as CVE-2020-8835. This vulnerability exists because the bpf verifier in the Linux kernel does not properly calculate register bounds for certain...
Tag: Linux
Linux System PPPD Remote Code Execution Vulnerability (CVE-2020-8597) Threat Alert
Vulnerability Description On March 6, the United States Computer Emergency Readiness Team (US-CERT) release a security bulletin to announce a 17-year-old remote code execution vulnerability in the PPP daemon (pppd). This vulnerability affects nearly all Linux-based operating systems and network device firmware. This vulnerability is a buffer overflow vulnerability (CVE-2020-8597),...
