"Linux would have prevented this!" literally true because my former colleague KP Singh wrote a kernel security module that lets EDR implementations load ebpf into the kernel to monitor and act on security hooks and Crowdstrike now uses that rather than requiring its own kernel module that would otherwise absolutely have allowed this to happen, so everyone please say thank you to him
It is time we realize and accept that there can never be a single nor objective criticality score for a CVE.
I just wrote a blog post about how to use the new counted_by attribute in C and the Linux kernel. I've been mentioning this attribute in my presentations over the past year, and I thought it was about time to write about it. So, here you go:
"How to use the new counted_by attribute in C (and Linux)"
https://embeddedor.com/blog/2024/06/18/how-to-use-the-new-counted_by-attribute-in-c-and-linux/
I hope you find it useful. Thanks!
Kernel Self-Protection Project β π‘ π§
@camdoncady @dangoodin @gregkh @kurtseifried @Di4na I cover that and many other things in this blog post
https://opensourcesecurity.io/2024/06/03/why-are-vulnerabilities-out-of-control-in-2024/
Over vorige post, je kan ook zeggen dat het kabinet "geen grip heeft op de migratie" (naar de cloud). https://berthub.eu/articles/posts/de-hele-overheid-naar-de-cloud-dat-is-een-politiek-besluit/
Of course it has. CVE identifiers have been misinterpreted/misused/misunderstood this way for years.