Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

CVE-2017-7874: Linux Kernel 4.8.0 UDEV < 232 Local Privilege Escalation Vulnerability

Description:  udevd in udev 232, when the Linux kernel 4.8.0 is used, does not properly verify the source of a Netlink message, which allows local users to execute arbitrary commands by leveraging access to the NETLINK_KOBJECT_UEVENT family, and the presence of the /lib/udev/rules.d/50-udev-default.rules file, to provide a crafted REMOVE_CMD value....

Read more

0
28 Aug 2017
Page 4 of 32« First...23456...102030...Last »