A recently resolved vulnerability in the Linux kernel that had the potential to allow an attacker to gain privilege escalation or cause denial of service went undiscovered for seven years.
Positive Technologies expert, Alexander Popov, found a race condition in the n_hdlc driver that leads to double-freeing of kernel memory. This Linux kernel flaw might be exploited for privilege escalation in the operating system. The (CVE-2017-2636) bug was evaluated as dangerous with a CVSS v3 score of 7.8, towards the higher end of the scale which runs from 1-10.
The Linux team has patched a "dangerous" vulnerability in the Linux kernel that allowed attackers to elevate their access rights and crash affected systems.
The security issue, tracked as CVE-2017-2636, existed in the Linux kernel for the past seven years, after being introduced in the code in 2009.