Home / Security flaw detected in Linux; fix available

Security flaw detected in Linux; fix available

Early this week, a bug was discovered in a software compression library called zlib that is used by most Linux distributions. But a fix has also been released.

A flaw reported in most Linux distributions and open-source operating systems gave open-source advocates yet another opportunity to prove how well their “free” system worked. Early this week, an engineer at Red Hat chanced upon a bug on a software compression library called zlib, used by most Linux distributions, and there were concerns that it would make systems vulnerable to attack from crackers. However, a fix also became immediately available from Red Hat.

“Normally, in an open source community any bug that is identified doesn’t cause any panic because a fix is immediately released,” assured GSC Prabhakar, CEO of GoldenSun Internet and Consulting Research.

Known as a "double-free vulnerability," the software bug causes programmes that use zlib to behave unpredictably when a malicious programme tries to free memory more than once. Programmes do not try to free memory repeatedly except by accident or unless forced by an outside party. “However, there have been no reports of any user’s security being compromised,” clarified Yahya Kassab, business development manager, Red Hat Middle East.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.