jwhyche (Slashdot reader #6,192) shared this article from Sophos:
Linux systems running kernels prior to 5.0.8 require patching after news emerged of a high-severity flaw that could be remotely exploited.
According to the NIST advisory, CVE-2019-1181 is a race condition affecting the kernel’s rds_tcp_kill_sock in net/rds/tcp.c “leading to a use-after-free, related to net namespace cleanup.” The RDS bit refers to systems running the Reliable Datagram Sockets (RDS) for the TCP module, which means only systems that run applications using this are affected.
The attention-grabbing part is that this opens unpatched systems to remote compromise and denial of service without the need for system privileges or user interaction. On the other hand, the attack complexity is described as ‘high’, and any such attack would need to be launched from the local network.
of this story at Slashdot.
Source:: Slashdot