According to bug hunter Simone Margaritelli, a critical unauthenticated remote code execution (RCE) flaw rated 9.9 on the CVSS scale, affecting all GNU/Linux systems and possibly others, has been disclosed.
While official details remain scarce, the flaw's severity, higher than Heartbleed's 7.5 rating, has been confirmed by Canonical and Red Hat, giving security teams time to prepare.
Margaritelli expressed frustration over the disclosure process, emphasizing that software developers must take responsibility for flaws in their products, particularly when they affect widely used systems.
Margaritelli plans to release a proof-of-concept exploit and more technical information about this new 'doomsday' flaw by September 30, with no CVE currently assigned.