An old vulnerability was just discovered in the Linux kernel, potentially allowing hackers to gain privilege escalation, or cause a denial of service. The vulnerability was quickly fixed and there have been no signs of it in the wild, although that does not necessarily mean it went unnoticed. According to Positive Technologies expert Alexander Popov, the CVE-2017-2636 vulnerability is seven years old and has affected the majority of popular Linux distributions, including RHEL 6/7, Fedora, SuSE, Debian, and Ubuntu. Alexander Popov found a "race condition in the n_hdlc driver that leads to double-freeing of kernel memory, which can be exploited…
[Continue Reading]