Security News > 2020 > April > Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest
2020-04-01 15:37
A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.
He leveraged an improper input validation bug in the Linux kernel to escalate privileges to root.
Linux kernel developers have patched the bug and Ubuntu has released updates and mitigations to address the vulnerability.
Red Hat says Enterprise Linux 5, 6, 7 and 8 and Red Hat Enterprise MRG 2 are not affected as the kernel version they use did not backport the commit that introduced the flaw.
Ubuntu security engineer Steve Beattie has made available some technical details about the vulnerability.
News URL
Related news
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Mixing Rust and C in Linux likened to cancer by kernel maintainer (source)
- 'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters (source)
- Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Strap in, get ready for more Rust drivers in Linux kernel (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)