Fellow Linux admins -
Another week, two more high-severity type confusion flaws within the V8 JavaScript engine in Chrome and browsers based on Chromium. Not a time to get complacent, though.
Type confusion flaws make it possible for attackers to take control of your system, inject malicious code to steal sensitive data, corrupt vital information, or even bring down connections across networks. For Linux users, the stakes are particularly high, from interrupted business operations and financial losses to compromised personal data and loss of client trust.
Read on for info on how you can update your system against these threats and more on the tools Google is using and developing to identify these vulnerabilities more quickly.
You'll also learn about a critical CUPS flaw that could result in unauthorized access and data theft through system takeover, disrupting essential infrastructure services reliant on Linux systems.
If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!
Stay safe out there,
ChromiumThe DiscoveryTwo high-severity Type Confusion bugs have been found in Chromium (CVE-2024-9602 and CVE-2024-9603). |
CUPSThe DiscoveryIt was recently discovered that CUPS contains a critical vulnerability that allows remote attackers to gain entry and take control of devices remotely. This vulnerability is tracked as CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters). |
