A critical heap-overflow security vulnerability in the Linux kernel Transparent Inter Process Communication (TIPC) module could allow for local exploitation and remote control code, resulting in complete system damage. TIPC is a peer-to-peer protocol used by nodes within a Linux collection to communicate with each other in a customized way; enables different types of messages used for different purposes. According to SentinelOne’s SentinelLabs, the interference in question (CVE-2021-43267) resides exclusively in the type of message that allows nodes to send cryptographic keys to each other. If received, the keys can be used to decrypt other communications from the sending area.
Read More: threatpost
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates