Celah kernel Linux memungkinkan pengguna tanpa hak akses mendapatkan akses root

Para peneliti Qualys telah mengidentifikasi cacat logika pada kernel Linux yang memungkinkan pengguna lokal tanpa hak akses untuk mengungkapkan file sensitif dan menjalankan perintah arbitrer sebagai root.

Kerentanan ini memengaruhi instalasi default dari beberapa distribusi Linux utama. Unit Riset Ancaman Qualys menemukan masalah ini dan merincinya dalam sebuah posting blog yang diterbitkan pada hari Jumat.

Artikel Terkait

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Gambar dihasilkan oleh AI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Dilaporkan oleh AI Gambar dihasilkan oleh AI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Researchers have identified a high-severity flaw in the Linux kernel that can allow untrusted users to gain root access. The issue stems from one incorrect character in the code.

Dilaporkan oleh AI

A security researcher has disclosed Dirty Frag, a new Linux kernel exploit that allows local users to gain root privileges. The flaw affects major distributions and remains unpatched on most systems despite earlier fixes for a similar issue.

A newly published zero-day exploit allows attackers with physical access to bypass BitLocker encryption on Windows 11 devices in seconds. The attack, named YellowKey, targets the default TPM-only configuration and grants full access to encrypted drives via a simple USB-based method.

Dilaporkan oleh AI

Linus Torvalds has announced the latest Linux release candidate while calling attention to a growing issue with AI-generated bug reports. The flood of such reports has rendered the kernel security mailing list nearly impossible to manage.

Situs web ini menggunakan cookie

Kami menggunakan cookie untuk analisis guna meningkatkan situs kami. Baca kebijakan privasi kami untuk informasi lebih lanjut.
Tolak