IPFS News Link • Hacking, Cyber Security
Linux Kernel Gets Patch For Years-Old Serious Vulnerability
• thehackernews.com by Swati KhandelwalThe latest Linux kernel flaw (CVE-2017-2636), which existed in the Linux kernel for the past seven years, allows a local unprivileged user to gain root privileges on affected systems or cause a denial of service (system crash).
Positive Technologies researcher Alexander Popov discovered a race condition issue in the N_HLDC Linux kernel driver – which is responsible for dealing with High-Level Data Link Control (HDLC) data – that leads to double-free vulnerability.
"Double Free" is one of the most common memory corruption bug that occurs when the application releases same memory location twice by calling the free() function on the same allocated memory.