Tuesday November 15, 2016

Major Linux Security Hole Gapes Open

A major security hole in Linux has been discovered. I'm not sure I would have used the term "hole gapes open" to describe the discovery but that's probably because I have a dirty mind. . big grin

Sometimes Linux users can be smug about their system's security. And sometimes a major hole that's been hiding in Linux since about version 2.6 opens up and in you fall. As described in the security report, CVE-2016-4484, the hole allows attackers "to obtain a root initramfs [initial RAM file system] shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify, or destroy the hard disc as well as set up the network to exflitrate data.