Negotiamini Media
Truth is Powerful

Old Linux storage bugs, new security patches

4

One of the good things about Linux is that it supports so much old hardware. With just a bit of work, there’s almost no computing hardware that can’t run Linux. That’s the good news. The bad news is that sometimes ancient security holes can be found within old programs. That’s the case with Linux’s Small Computer System Interface (SCSI) data transport driver.

Want a good tech job? Then you need to know Linux and open-source software. One of the best ways to pick them up is via a Linux Foundation course.

A trio of security holes — CVE-2021-27365 , CVE-2021-27363 , and CVE-2021-27364 — was found by security company GRIMM researchers in an almost forgotten corner of the mainline Linux kernel. The first two of these have a Common Vulnerability Scoring System (CVSS) score above 7, which is high. While you may not have had a SCSI or iSCSI drive in ages, these 15 years old bugs are still around. One of them could be used in a Local Privilege Escalation (LPE) attack. In other words, a normal user could use them to become the root user.

Don’t let the word “local” fool you. As Adam Nichols, Principal of Software Security […]

Click here to view original web page at www.zdnet.com

Comments
Loading...

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More