Security News > 2020 > April > Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest
2020-04-01 15:37
A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.
He leveraged an improper input validation bug in the Linux kernel to escalate privileges to root.
Linux kernel developers have patched the bug and Ubuntu has released updates and mitigations to address the vulnerability.
Red Hat says Enterprise Linux 5, 6, 7 and 8 and Red Hat Enterprise MRG 2 are not affected as the kernel version they use did not backport the commit that introduced the flaw.
Ubuntu security engineer Steve Beattie has made available some technical details about the vulnerability.
News URL
Related news
- CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw (source)
- Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability (source)
- Check Point warns customers to patch VPN vulnerability under active exploitation (source)
- Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast (source)
- VMware fixes critical vCenter RCE vulnerability, patch now (source)
- SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately (source)