Hidden Linux kernel security fixes spotted before release – by using developer chatter as a side channel
1 min read
Sep 07, 2020
Security researchers have found that they can detect Linux kernel security fixes before they are released - information that could be used by malicious hackers to develop and deploy exploit code before patches are widely available.
Boffins affiliated with BMW, Siemens, and two German universities say they can pinpoint obfuscated Linux kernel security fixes, developed in secret, before they are officially released. This is insight miscreants could use to develop and deploy exploit code before patches are widely available.
What's more, the team found that Linux kernel patches are regularly introduced in a way that bypasses public review and discussion, a practice that opens at least a theoretical risk of backdoored code.
Related Articles
1 - 0 min read
Tails 6.2 Improves Security, Expands Multilingual Support
1 - 0 min read
Linux vs. Windows: A Critical Look at Desktop Choices
1 - 0 min read
Spectre V2: A New Threat to Linux Systems
