MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
almalinux
Search

AlmaLinux OS - CVE-2024-1086 and XZ (AlmaLinux blog)

Wednesday April 3, 2024. 08:39 PM , from LWN.net
AlmaLinux has announced
updated kernels for AlmaLinux 8 and 9 to address CVE-2024-1086, a
use-after-free vulnerability in the kernel that could be exploited to
gain local privilege escalation. This is notable because the fix
marks a divergence between AlmaLinux and Red Hat Enterprise Linux (RHEL):

In January of this year, a kernel flaw was disclosed and named CVE-2024-1086.
This flaw is trivially exploitable on most RHEL-equivalent
systems. There are many proof-of-concept posts available now,
including one from our Infrastructure team lead, Jonathan Wright (Dealing
with CVE-2024-1086). In multi-user scenarios, this flaw is
especially problematic.

Though this was flagged as something to be fixed in Red Hat
Enterprise Linux, Red Hat has only rated this as a moderate
impact.

The AlmaLinux project would also like to note that it is not
impacted by the XZ backdoor. 'Because enterprise Linux takes a bit
longer to adopt those updates (sometimes to the chagrin of our users),
the version of XZ that had the back door inserted hadn't made it
further than Fedora in our ecosystem.'
Read more at LWN.net
https://lwn.net/Articles/968299/

Related News

almalinux AlmaLinux 9.4 Beta 'Seafoam Ocelot' now available BetaNewsApr 15
cve- Development Release: AlmaLinux OS 9.4 Beta DistroWatchApr 15
hat Asus ROG Strix Scar 18 (2024) Review: Portable Powerhouse Gaming Wired: Tech.Apr 15
enterprise 10 Best Retro Game Consoles (2024): Evercade, Polymega, Analogue Pocket, and Controllers Wired: Tech.Apr 14
flaw 9 Best Smartwatches (2024): Apple Watch, Wear OS, Hybrid Watches Wired: Tech.Apr 14
red 6 gaming laptop features that matter most in 2024 PC WorldApr 12
linux Build 2024: Microsoft plans to enhance PowerToys with new AI tools BetaNewsApr 12
our 10 Best AI Social Media Tools 2024 eWeekApr 12
kernel 21 Best Dog Accessories (2024): Dog Beds, Pet Cameras, Carriers, and More Wired: Tech.Apr 11
blog Best laptops for engineering students 2024: Expert picks and advice PC WorldApr 11
best Best of Watches and Wonders 2024 Wired: Tech.Apr 11
beta The Best Personal Safety Devices, Apps, and Wearables (2024) Wired: Tech.Apr 11
tools The Best Cat Toys, Litter Boxes, and Other Supplies for Your Furry Friend (2024) Wired: Tech.Apr 11
gaming The 9 Best Air Fryers for healthier fries (2024) Wired: Tech.Apr 11
deals [$] LWN.net Weekly Edition for April 11, 2024 LWN.netApr 11
almalinux It's 2024 and Intel silicon is still haunted by data-spilling Spectre TheRegisterApr 10
cve- CHIPS Act hangover sees most US science agency budgets cut for 2024 TheRegisterApr 10
hat The 12 Best Turntables for Your Vinyl Collection (2024) Wired: Tech.Apr 9
enterprise 21 Best Deals From the Target Circle Week Deals Event (2024) Wired: Tech.Apr 9
flaw The Best Total Solar Eclipse Photos (2024) Wired: Tech.Apr 8
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Apr, Mon 29 - 20:24 CEST