An issue exists in net/tipc/crypto.c in the Linux kernel prior to 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote malicious users to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
linux linux kernel
Get our weekly newsletter Plus: Uncle Sam gets tough on patching, NIST needs you, and more
In brief A consortium of private equity types have stumped up $12bn in cash to acquire what's left of McAfee the company plus another couple of billion to pay off its debts.
McAfee has been in and out of the stock market: it last went public in October 2020 with a valuation of $3.6bn. It then spun off its enterprise security business in March for $4bn in another cash deal, and now the consumer side of the business has been snapped up for $14bn total.
“This transaction is a testamen...
A critical heap-overflow security vulnerability in the Transparent Inter Process Communication (TIPC) module of the Linux kernel could allow local exploitation and remote code execution, leading to full system compromise.
TIPC is a peer-to-peer protocol used by nodes within a Linux cluster to communicate with each other in an optimized way; it enables various types of messages that are used for different purposes. According to SentinelOne’s SentinelLabs, the bug in question (CVE-2021-432...