Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
Experts warn of a critical vulnerability affecting all GNU/Linux systems. If exploited, an unauthenticated attacker can execute the code remotely.
Apparently, the problem has existed for more than a decade, and in two weeks, the researchers promise to publish technical details.
Interestingly, the vulnerability has not yet received a CVE identifier, despite the critical level.
It is also reported that the developers of a number of leading Linux distributions have confirmed the danger posed by the breach. For example, the Canonical and RedHat teams said it could be given a score of 9.9 out of 10.
Nevertheless, there is no patch yet, as the developers continue to discuss the nuances: in particular, how serious the danger of the breach really is.
According to Thread Reader, the researcher who discovered the vulnerability is unhappy with the process of disclosing information about the problem. They say that everything is happening very slowly, although there are already several PoCs (proof-of-concept) on the Web.
Apparently, the problem has existed for more than a decade, and in two weeks, the researchers promise to publish technical details.
Interestingly, the vulnerability has not yet received a CVE identifier, despite the critical level.
It is also reported that the developers of a number of leading Linux distributions have confirmed the danger posed by the breach. For example, the Canonical and RedHat teams said it could be given a score of 9.9 out of 10.
Nevertheless, there is no patch yet, as the developers continue to discuss the nuances: in particular, how serious the danger of the breach really is.
According to Thread Reader, the researcher who discovered the vulnerability is unhappy with the process of disclosing information about the problem. They say that everything is happening very slowly, although there are already several PoCs (proof-of-concept) on the Web.
