'Linux systems running kernels prior to 5.0.8 require patching after
news emerged of a high-severity flaw that could be remotely exploited.
According to the NIST advisory, CVE-2019-1181 is a race condition
affecting the kernel's rds_tcp_kill_sock in net/rds/tcp.c "leading to
a use-after-free, related to net namespace cleanup." The RDS bit
refers to systems running the Reliable Datagram Sockets (RDS) for the
TCP module, which means only systems that run applications using this
The attention-grabbing part is that this opens unpatched systems to
remote compromise and denial of service without the need for system
privileges or user interaction. On the other hand, the attack
complexity is described as 'high', and any such attack would need to
be launched from the local network.'
-- source: https://linux.slashdot.org/story/19/05/18/2122204
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174