Linux bitten by second severe vulnerability in as many weeks
arstechnica.com
Linux users have been bitten by yet another vulnerability that gives containers and untrusted users the ability to gain root access, marking the second time in as many weeks that a severe threat has caught defenders off guard.
The threat, known as Dirty Frag, allows low-privilege users, including those using virtual machines, to gain root control of servers. Attacks are particularly suitable in shared environments, where a server is used by multiple parties. Hackers can also gain root as long as they have access to a separate exploit that gives a toehold into a machine. Exploit code was leaked online three days ago and works reliably across virtually all Linux distributions. Microsoft has said it has spotted signs that hackers are experimenting with Dirty Frag in the wild.
Immediate and significant threat
The leaked exploit is deterministic, meaning it works precisely the same way each time it’s run and ...
Copyright of this story solely belongs to arstechnica.com . To see the full text click HERE