Security News > 2020 > April > Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest

Patch Released for Linux Kernel Vulnerability Disclosed at Hacking Contest
2020-04-01 15:37

A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.

He leveraged an improper input validation bug in the Linux kernel to escalate privileges to root.

Linux kernel developers have patched the bug and Ubuntu has released updates and mitigations to address the vulnerability.

Red Hat says Enterprise Linux 5, 6, 7 and 8 and Red Hat Enterprise MRG 2 are not affected as the kernel version they use did not backport the commit that introduced the flaw.

Ubuntu security engineer Steve Beattie has made available some technical details about the vulnerability.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/xthJ1GvIx-k/patch-released-linux-kernel-vulnerability-disclosed-hacking-contest

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2572 1587 67 4290
Kernel 3 0 7 4 1 12