US CISA adds ‘insane’ Linux Copy Fail flaw to watch list
0
0
Malicious actors with code execution capability may gain root access on Linux systems using as few as 10 lines of Python, according to a researcher.
A newly discovered vulnerability could affect most open-source major Linux distributions released since 2017, according to security researchers.
Codenamed “Copy Fail” by Xint.io and Theori, the flaw caught the attention of the US Cybersecurity and Infrastructure Agency (CISA), who added it to the Known Exploited Vulnerabilities (KEV) catalog on Saturday, warning it poses “significant risks to the federal enterprise.”
"An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root," the vulnerability research team at Xint.io and Theori said.
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio you’re using to start.
0
0
0
0
0
0
0
0