Security Vulnerabilities - Page 10

Discover Security Vulnerabilities News

New Linux Exploit ‘Dirty Cred’ Revealed at Black Hat

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference.

Brittany Day
Aug 18, 2022

Ubuntu 22.04 LTS and 20.04 LTS: Canonical Releases Kernel Security Updates

British Linux distributor Canonical is releasing security updates to the Linux kernel for Ubuntu 22.04 LTS (“Jammy Jellyfish”) and Ubuntu 20.04 LTS (“Focal Fossa”), patching vulnerabilities in its operating systems. The vulnerabilities fixed could lead to a Denial of Service (DOS) lead.

Brittany Day
Aug 15, 2022

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Brittany Day
Aug 11, 2022

LibreOffice Security Update Fixes Macro Execution Bypass and Potential Password Leaking

The developers of LibreOffice have released updates for the open source Office suite to patch three security issues.

Brittany Day
Jul 29, 2022

Linux x86 32-bit Is Vulnerable To Retbleed But Don't Expect It To Get Fixed

While relevant Intel and AMD processors have been mitigated for the recent Retbleed security vulnerability affecting older generations of processors, those mitigations currently just work for x86_64 kernels and will not work if running an x86 (32-bit) kernel on affected hardware. But it's unlikely to get fixed unless some passionate individual steps up as the upstream developers and vendors have long since moved on to just caring about x86_64.

Brittany Day
Jul 24, 2022

Linux Lands Fix For A Trivial Lockdown Bypass Bug

Merged yesterday afternoon to the mainline Linux 5.19 Git kernel and set for back-porting is a fix for a new security bug. Oracle made public CVE-2022-21505 on Tuesday as a trivial bypass to the Linux kernel's lockdown mode.

Brittany Day
Jul 21, 2022

Retbleed Fixed in Linux Kernel, Patch Delayed

Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.

Brittany Day
Jul 19, 2022

Torvalds: Linux Kernel Team Has Sorted Retbleed Chip Flaw

Linux kernel developers have addressed the Retbleed speculative execution bug in older Intel and AMD silicon, but the fix wasn't straightforward, so emperor penguin Linus Torvalds has delayed delivery of the next version by a week.

Brittany Day
Jul 19, 2022

Pixel 6 and Galaxy S22 Affected by Major New Linux Kernel Vulnerability

A seemingly major vulnerability has been discovered by security researcher and Northwestern PhD student Zhenpeng Lin, affecting the kernel on the Pixel 6 and 6 Pro and other Android devices running Linux kernel versions based on 5.10 like the Galaxy S22 series. Precise details for how the vulnerability works have not yet been published, but the researcher claims that it can enable arbitrary read and write, privilege escalation, and disable SELinux security protections — in short, this is a biggie.

Brittany Day
Jul 07, 2022

Hacking Linux is Easy with PwnKit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added PwnKit as a high-severity Linux vulnerability to its list of actively exploited bugs.

Brittany Day
Jul 05, 2022

Microsoft Azure FabricScape Bug Let Hackers Hijack Linux Clusters

Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster.

Brittany Day
Jul 01, 2022

CISA Sounds the Alarm Over High-Severity Bug in All Major Linux Distros

A high-severity Linux vulnerability capable of granting abusers root access to target endpoints is being exploited in the wild, researchers have warned.

Brittany Day
Jun 30, 2022

Ubuntu Users Get a Massive Linux Kernel Update, 35 Security Vulnerabilities Patched

Today, Canonical published new Linux kernel security updates for all supported Ubuntu releases and it looks like it’s a massive update that addresses more than 30 security vulnerabilities.

Brittany Day
Jun 11, 2022

Linux Botnets Now Exploit Critical Atlassian Confluence Bug

Several botnets are now using exploits targeting a critical remote code execution (RCE) vulnerability to infect Linux servers running unpatched Atlassian Confluence Server and Data Center installs.

Brittany Day
Jun 09, 2022

VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests

Security researcher Jason Donenfeld who is known for leading the development of the WireGuard open-source software has outlined a new security vulnerability affecting the Oracle VM VirtualBox software.

Brittany Day
May 23, 2022

Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers.

Brittany Day
May 17, 2022

Debian GNU/Linux 11 Users Get a Massive Linux Kernel Security Update, Patch Now

The Debian Project has published a massive Linux kernel security update for its Debian GNU/Linux 11 “Bullseye” operating system series to address 19 security vulnerabilities discovered by various security researchers in the upstream Linux 5.10 LTS kernel, which may lead to a privilege escalation, denial of service or information leaks.

Brittany Day
May 06, 2022

Microsoft warns: These flaws could give attackers root privileges on Linux desktops

Microsoft has discovered flaws that could be combined to gain root privileges on Linux systems.

Brittany Day
Apr 29, 2022

Some Lenovo laptops may be carrying a serious security flaw

Hundreds of Lenovo models are vulnerable to three major flaws.

Brittany Day
Apr 21, 2022

Linux secure networking security bug found and fixed

An obnoxious security bug discovered in Linux's IPSec secure networking program has now been fixed.

Brittany Day
Apr 04, 2022

Security Vulnerabilities - Page 10

Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns

Easily Exploitable 10-Year-Old needrestart Utility Flaws Allow Root Access

7-Zip Users Beware: Urgent Update Needed to Fix Code Execution Security Flaw