Tech »  Topic »  A worrying stealthy Linux security bug could put your systems at risk - here's what we know

A worrying stealthy Linux security bug could put your systems at risk - here's what we know

2 weeks ago   techradar.com
(Image credit: Linux)
  • A security oversight in Linux allows rootkits to bypass enterprise security solutions and run stealthily
  • It was found in the io_uring Kernel interface
  • Researchers built a PoC, now available on GitHub

Cybersecurity researchers from ARMO recently discovered a security oversight in Linux which allows rootkits to bypass enterprise security solutions and run stealthily on affected endpoints.

The oversight happens because the ‘io_uring’ Kernel interface is being ignored by security monitoring tools. Built as a faster, more efficient way for Linux systems to talk to storage devices, io_uring helps modern computers handle lots of information without getting bogged down. It was introduced back in 2019, with the release of Linux 5.1.

Apparently, most security tools look for shady syscalls and hooking white completely ignoring anything involving io_uring. Since the interface supports numerous operations through 61 ops types, it creates a dangerous blindspot that can be exploited for ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE