Fellow Linux admins-
We've all come to expect to use our browsers for virtually everything these days, including video chat and even file sharing, but with that flexibility comes inherent security risks. Attackers can exploit these features to execute malicious code, obtain sensitive information or disrupt service. How are they doing that and how you can protect yourself?
Central to this communication technology is webRTC, a protocol was created more than a decade ago and has become the primary method for peer-to-peer communications within web browsers and mobile apps. Because it is so closely connected to every part of our browsers, when there is a vulnerability, it's usually a big deal.
That's why it's no surprise this high-risk Chrome vulnerability allows remote attackers to simply craft an HTML page and get you to visit it to be able to compromise your desktop. Read on for more on what you need to do now to prevent it.
Want to know more about webRTC and Chrome vulnerabilities? Let us know at @lnxsec and I'll write up something to share my 30 years of Linux security experience.
You'll also learn about an an 18-year-old X.Org local privilege escalation vulnerability that could enable attackers to steal sensitive data, disrupt services, and manipulate affected systems for personal and financial gain.
If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!
Stay safe out there,
ChromiumThe DiscoveryTwo significant Chromium vulnerabilities have been discovered impacting Google Chrome users worldwide. These bugs include an out-of-bounds write in the Dawn system and a use-after-free issue in the WebRTC component. |
X.OrgThe DiscoveryX.Org, one of the most common Linux display servers, has disclosed an 18-year-old local privilege escalation vulnerability within its code base since 2006. |
