What Is Linux Patching?
Anytime you upgrade software, you risk something breaking. This is the nature of the IT beast. The purpose of patches is usually to fix a bug or, worse, a security vulnerability.
Red Hat has just published a risk advisory about a vulnerability in the Linux kernel that allows for local privilege escalation. This vulnerability is tracked as CVE-2022-3910 (CVSS score: 7.4).
Samba this week released patches for an integer overflow vulnerability that could potentially lead to arbitrary code execution.
Canonical has released new Linux kernel security updates for all supported Ubuntu LTS releases to address up to 16 vulnerabilities discovered by various security researchers.
The local privilege escalation vulnerability in the Linux kernel was reported by Red Hat, and its CVE code is 2022-3977. The problem is that the most recent Linux kernel upstream contains a use-after-free vulnerability called mctp_sk_unhash that may be exploited to elevate privileges to root.
You might have heard that the VENOM vulnerability might be worse than Heartbleed, but is that true? What is VENOM? What can you do about it?
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days.
Spectre-BHB / BHI, a speculative execution vulnerability similar to Spectre V2 that affects Intel and Arm CPUs, was made public earlier this year.
Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week.
Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities.
SecurityWeek reports that federal agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to remediate within three weeks a Linux kernel bug, tracked as CVE-2021-3493, which has been added to the agency's Known Exploited Vulnerabilities Catalog following active exploitation by the new stealthy Linux malware Shikitega.
Users of the Debian GNU/Linux and Ubuntu Linux distributions received important kernel security updates that address multiple vulnerabilities discovered by various security researchers.
Linux’s Wi-Fi code has some nasty bugs, which can be exploited simply by being near an attacker. Remote code execution is a possibility—no need to actually connect to a malicious Wi-Fi network.
Canonical has released new Linux kernel security patches for all supported Ubuntu releases to address various security vulnerabilities discovered in the upstream kernel packages.
A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code.
Oh cool, a 5,500-day security hole
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added half a dozen vulnerabilities to its catalog of Known Exploited Vulnerabilities and is ordering federal agencies to follow vendors’ instructions to fix them.
Google Chrome users on Windows, Mac, and Linux need to install the latest update to the browser to protect themselves from a serious security vulnerability that hackers are actively exploiting.
Microsoft Azure customers running Canonical's Ubuntu 18.04 (aka Bionic Beaver) in the cloud have seen their applications fail after a flawed security update to systemd broke DNS queries.
Researchers have revealed details about a long-standing security vulnerability that has been active in the Linux kernel for over eight years. The cybersecurity analysts from Northwestern University (Zhenpeng Lin, Yuhang Wu, and Xinyu Xing) described it as “As Nasty As Dirty Pipe”.