Critical Linux Kernel Bug Allows Remote Takeover

30
Critical Linux Kernel Bug Allows Remote Takeover

A critical heap-overflow security vulnerability in the Linux kernel Transparent Inter Process Communication (TIPC) module could allow for local exploitation and remote control code, resulting in complete system damage. TIPC is a peer-to-peer protocol used by nodes within a Linux collection to communicate with each other in a customized way; enables different types of messages used for different purposes. According to SentinelOne’s SentinelLabs, the interference in question (CVE-2021-43267) resides exclusively in the type of message that allows nodes to send cryptographic keys to each other. If received, the keys can be used to decrypt other communications from the sending area.

Read More: threatpost