Security News > 2018 > May > Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks
2018-05-15 20:48
A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. Whenever your system joins a network, it’s the DHCP client
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/SKTnz7tkojQ/linux-dhcp-hacking.html
Related news
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- Linux 'io_uring' security blindspot allows stealthy rootkit attacks (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- Hackers now testing ClickFix attacks against Linux targets (source)
- Windows 11 and Red Hat Linux hacked on first day of Pwn2Own (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2018-1111 | DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. | 7.5 |