Google to Pay Hackers $31,337 for Exploiting Patched Linux Kernel Flaws

Cyber Security

Products You May Like

Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three months as part of a new bug bounty program to improve the security of the Linux kernel.

To that end, the company is expected to issue rewards worth $31,337 for exploiting privilege escalation in a lab environment for each patched vulnerability, an amount that can climb up to $50,337 for working exploits that take advantage of zero-day flaws in the kernel and other undocumented attack techniques.

Automatic GitHub Backups

Specifically, the program aims to uncover attacks that could be launched against Kubernetes-based infrastructure to defeat process isolation barriers (via NSJail) and break out of the sandbox to leak secret information.

The program is expected to last until January 31, 2022.

“It is important to note, that the easiest exploitation primitives are not available in our lab environment due to the hardening done on Container-Optimized OS,” Eduardo Vela of Google Bug Hunters Team said.

Prevent Data Breaches

The rewards program also exists in conjunction with Android’s VRP rewards, allowing researchers to demonstrate exploits that work on the mobile operating system, which could be eligible for up to $250,000 in bug bounties. More details about the contest can be found here.

Products You May Like

Articles You May Like

Top Smartphone Deals Under Rs. 20,000 During Amazon Prime Day Sale
Samsung Galaxy Z Fold6 and Z Flip6: Transforming the Foldable Experience With Galaxy AI
Nvidia rebounds after TSMC says AI chip demand remains strong
Amazon Prime Day: Top Deals on iPhone 15, iPhone 14, iPhone 13, and Other Models
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

Leave a Reply

Your email address will not be published. Required fields are marked *