The ‘grinch’ isn’t a Linux vulnerability, Red Hat says

The “grinch” Linux vulnerability that Alert Logic raised alarms about Tuesday is not a vulnerability at all, according to Red Hat.

“This report incorrectly classifies expected behavior as a security issue,” said a Red Hat bulletin issued Wednesday, responding to Alert Logic’s claims.

Security firm Alert Logic Tuesday claimed that grinch could be as severe as the Heartbleed bug and that it’s a serious design flaw in how Linux systems handle user permissions, which could allow malicious attackers to gain root access to a machine.

To read this article in full or to leave a comment, please click here