The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: red hat linux

IBM Buys "Red Hat" Open-Source Software Company for $34 Billion

IBM Buys "Red Hat" Open-Source Software Company for $34 Billion
October 29, 2018Swati Khandelwal
It's been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service GitHub for $7.5 billion , and now IBM has just announced the biggest open-source business deal ever. IBM today confirmed that it would be acquiring open source Linux firm Red Hat for $190 per share in cash, working out to a total value of approximately $34 billion. Red Hat, known for its Red Hat Enterprise Linux (RHEL) operating system, is a leading software company that offers open-source software products to the enterprise community. Even Oracle uses Red Hat's source code for its Oracle Linux product. Red Hat's last year revenue was $2.4 billion, and this year the company has earned $2.9 billion. But if Red Hat products are open source and updates are free, you might be wondering how does the company earn. Red Hat was one of the first companies who found a successful way to make money from free open-source software. It offers consul

Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit

Google Hacker Discloses New Linux Kernel Vulnerability and PoC Exploit
September 28, 2018Mohit Kumar
A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8. Discovered by white hat hacker Jann Horn, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that leads to use-after-free vulnerability, which if exploited, could allow an attacker to gain root privileges on the targeted system. The use-after-free (UAF) vulnerabilities are a class of memory corruption bug that can be exploited by unprivileged users to corrupt or alter data in memory, enabling them to cause a denial of service (system crash) or escalate privileges to gain administrative access on a system. Linux Kernel Exploit Takes an Hour to Gain Root Access However, Horn says his PoC Linux kernel exploit made available to the public "takes about an hour to run before popping a root shell."

Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks

Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks
May 15, 2018Mohit Kumar
A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability, tracked as CVE-2018-1111 , could allow attackers to execute arbitrary commands with root privileges on targeted systems. Whenever your system joins a network, it's the DHCP client application which allows your system to automatically receive network configuration parameters, such as an IP address and DNS servers, from the DHCP (Dynamic Host Control Protocol) server. The vulnerability resides in the NetworkManager integration script included in the DHCP client packages which is configured to obtain network configuration using the DHCP protocol. Felix Wilhelm from the Google security team found that attackers with a malicious DHCP server, or connected to the same network as the victim, can exploit this flaw by spoofing DHCP responses, eventually allowing them to run
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.