Fifteen-Year-Old Linux Vulnerability Allows Local Privilege Escalation, Information Leak, and Denial of Service
1 min read
Mar 23, 2021
Researchers have discovered three vulnerabilities capable of granting attackers root privileges on Linux systems if they are able to gain access through other methods. These bugs, which affect the iSCSI kernel subsystem, have existed for more than 15 years.
Similarly, The Zero Day Initiative (ZDI) researchers uncovered another decade and a half old Linux vulnerability affecting ISC BIND servers configured to use GSS-TSIG features.
The discovery of old but active bugs underscores the need for open-source maintainers to monitor external modules to ensure they observe the best security practices, according to the ZDI.
Related Articles
1 - 0 min read
xz-style Attacks Continue to Target Open-Source Maintainers
1 - 0 min read
Spectre V2: A New Threat to Linux Systems
1 - 0 min read
Hacked VMs Reveal New Attack Risks
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
