Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution May 13, 2019 https://www.bleepingcomputer.com/ne...r-to-508-vulnerable-to-remote-code-execution/
I'm curious, what prevents this vulnerability from being exploited? Does Firejail prevent it? AppArmor? SELinux? Or is patching the only solution?
Kernel exploits usually cannot be stopped by security software. However, this exploit is not much of an issue: 1 It was patched already in March for older kernels (the newest kernel is not vulnerable) 2 It is a difficult exploit to pull off, so home users need not worry 3 No actual cases in the wild have been reported.
Seccomp may prevent locally running programs from exploiting some kernel vulnerabilities by restricting access to some kernel syscalls. This is not the case for remote kernel code execution, though. But a lot of distributions were not patched at time of CVE announcement.