A security bug in AEAD sockets

Original article
LWN.net (Linux Weekly News)

Security analysis firm Xint has disclosed a security bug in the Linux kernel that allows for arbitrary 4-byte writes to the page cache, and which has been present since 2017. The vulnerability has been fixed in mainline kernels. A proof-of-concept script demonstrates how to use the flaw to corrupt a setuid binary, which works on multiple distributions, by requesting an AEAD-encrypted socket from user space and splicing a particular payload into it. A supplemental blog post gives more details about the discovery and remediation. A core primitive underlying this bug is splice(): it transfers data between file descriptors and pipes without copying, passing page cache pages by reference.

Excerpt limited to ~120 words for fair-use compliance. The full article is at LWN.net (Linux Weekly News).
