Google Boosts Bug Bounty Rewards for Linux Kernel Vulnerabilities

Source
Advertisement


Called kCTF, the program was launched in 2020 to provide security researchers with the means to report vulnerabilities in the Google Kubernetes Engine (GKE), for which they receive a flag.

“All of GKE and its dependencies are in scope, but every flag caught so far has been a container breakout through a Linux kernel vulnerability. We’ve learned that finding and exploiting heap memory corruption vulnerabilities in the Linux kernel could be made a lot harder,” Google notes.

Advertisement