Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
May 13, 2020 02:45 pm

Huawei Denies Involvement in Buggy Linux Kernel Patch Proposal

Huawei denied on Monday having any official involvement in an insecure patch submitted to the Linux kernel project over the weekend; patch that introduced a "trivially exploitable" vulnerability. From a report: The buggy patch was submitted to the official Linux kernel project via its mailing list on Sunday. Named HKSP (Huawei Kernel Self Protection), the patch allegedly introduced a series of security-hardening options to the Linux kernel. Big tech companies that heavily use Linux in their data centers and online services, often submit patches to the Linux kernel. Companies like Google, Microsoft, Amazon, and others have been known to have contributed code. On Sunday, the HKSP submission sparked interest in the Linux community as could signal Huawei's wish to possibly contribute to the official kernel. Due to this, the patch came under immediate scrutiny, including from the developers of Grsecurity, a project that provides its own set of security-hardening patches for the Linux kernel. In a blog post published on the same day, the Grsecurity team said that it discovered that the HKSP patch was introducing a "trivially exploitable" vulnerability in the kernel code -- if the patch was to be approved.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/h_aiJT-lkgQ/huawei-denies-involvement-in-buggy-linux-kernel-patch-proposal

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot