Google Increases Bug Bounty Rewards for Linux Kernel Flaws


As part of its open-source Kubernetes-based capture-the-flag (CTF) vulnerability rewards programme, Google is increasing the maximum bounty payouts for Linux vulnerabilities disclosed (VRP).

The Google Kubernetes Engine (GKE) vulnerability reporting tool, known as kCTF, was introduced in 2020 to give security researchers a way to disclose vulnerabilities and be flagged for them. Google is also announcing bonus payments for flaws in the most recent Linux kernel and for evading the recently added mitigations in an effort to encourage security researchers to find ways to circumvent those mitigations.

Google introduced these mitigations to fight against out-of-bounds writes on slab, cross-cache attacks, elastic objects, and freelist corruption.

Read More: Google Boosts Bug Bounty Rewards for Linux Kernel Vulnerabilities

For more such updates follow us on Google News ITsecuritywire News