Keep your bits under the radar!

Linux Bugs

All OS you can imagine in this moment, have a huge problem with bugs and errors that is made with knowing and mistaking while developing. In linux world we have a huge support from developers who gain open source feelings, and they are fixing bugs.

Not so long ago in this “perfect” OS - developers found a huge bugs “holes” that may be disastrous to users, they named (CVE-2016-6480,  CVE-2016-8655, CVE-2016-6828)

CVE-2016-8655 is the worst of the bunch. It enables local users, which can include remote users with virtual and cloud-based Linux instances, to crash the system or run arbitrary code as root.

Philip Pettersson, a hacker and security researcher, found this bug. With it, a user can create a race condition in the Linux kernel's packet_set_ring function. A race condition happens when a system attempts to perform two or more operations simultaneously instead of one following the successful completion of the other.

The second security issue, CVE-2016-6480, also involves a race condition but it's not as serious. In this one, Adaptec AAC RAID controller driver can be used by a local attacker to crash a system.

The third, CVE-2016-6828 can be used to break the Linux kernel's TCP retransmit queue handling code. This can be used to crash a vulnerable server or execute arbitrary code. It is, however, harder to use than Pettersson's discovery, so it's not as dangerous.

To protect you should patch your Linux system as soon as possible to avoid running into troubles. Patches are now available on all major Linux distributions.