ZDNET's key takeaways
Another day, another Linux bug.
There is a patch out now.
However, it's not available yet in most distros.
Linux's latest kernel flaw doesn't have a fancy name; it's just called "ssh‑keysign‑pwn." It's the fourth high‑profile local security hole to hit Linux in just a few weeks. This one enables ordinary users to quietly read some of the most sensitive files on a system, including Secure Shell (SSH) host private keys and the shadow password file.
The vulnerability gets its "ssh‑keysign‑pwn" nickname from one of the main exploitation paths: abusing OpenSSH's ssh-keysign helper binary. ssh-keysign is used for host‑based authentication and typically runs setuid root, opening the system's SSH host keys before dropping privileges to complete its work.
Just what we needed. Another annoying and potentially dangerous Linux bug.