Nasty Linux kernel bug found and fixed
1 min read
Jan 21, 2022
A heap overflow bug was recently discovered in the Linux kernel. The patch is available now in most major Linux distributions.
Most reported Linux "security" bugs actually aren't Linux bugs. For example, security vendor CrowdStrike's report on the biggest Linux-based malware families was really about system administration security blunders with telnet, SSH, and Docker, not Linux at all. But, that doesn't mean Linux doesn't have security holes. For example, a new nasty Linux kernel problem has just popped up.
In this one, there's a heap overflow bug in the legacy_parse_param in the Linux kernel's fs/fs_context.c program. This parameter is used in Linux filesystems during superblock creation for mount and superblock reconfiguration for a remount. The superblock records all of a filesystem's characteristics such as file size, block size, empty and filled storage blocks. So, yeah, it's important.
Related Articles
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
1 - 0 min read
RunC Container Escape Flaws Grant Attackers Host Access
1 - 0 min read
Critical Glibc Flaws Put Major Linux Distros at Risk
1 - 0 min read
Hackers' Backdoor: Warning of New Linux Kernel Vulnerability
