Retbleed Fixed in Linux Kernel, Patch Delayed
Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.
Discover Security Vulnerabilities News
Torvalds: Linux Kernel Team Has Sorted Retbleed Chip Flaw
Linux kernel developers have addressed the Retbleed speculative execution bug in older Intel and AMD silicon, but the fix wasn't straightforward, so emperor penguin Linus Torvalds has delayed delivery of the next version by a week.
Pixel 6 and Galaxy S22 Affected by Major New Linux Kernel Vulnerability
A seemingly major vulnerability has been discovered by security researcher and Northwestern PhD student Zhenpeng Lin, affecting the kernel on the Pixel 6 and 6 Pro and other Android devices running Linux kernel versions based on 5.10 like the Galaxy S22 series. Precise details for how the vulnerability works have not yet been published, but the researcher claims that it can enable arbitrary read and write, privilege escalation, and disable SELinux security protections — in short, this is a biggie.
Hacking Linux is Easy with PwnKit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added PwnKit as a high-severity Linux vulnerability to its list of actively exploited bugs.
Microsoft Azure FabricScape Bug Let Hackers Hijack Linux Clusters
Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster.
CISA Sounds the Alarm Over High-Severity Bug in All Major Linux Distros
A high-severity Linux vulnerability capable of granting abusers root access to target endpoints is being exploited in the wild, researchers have warned.
Ubuntu Users Get a Massive Linux Kernel Update, 35 Security Vulnerabilities Patched
Today, Canonical published new Linux kernel security updates for all supported Ubuntu releases and it looks like it’s a massive update that addresses more than 30 security vulnerabilities.
Linux Botnets Now Exploit Critical Atlassian Confluence Bug
Several botnets are now using exploits targeting a critical remote code execution (RCE) vulnerability to infect Linux servers running unpatched Atlassian Confluence Server and Data Center installs.
VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests
Security researcher Jason Donenfeld who is known for leading the development of the WireGuard open-source software has outlined a new security vulnerability affecting the Oracle VM VirtualBox software.
Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits
Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers.
