The local privilege escalation vulnerability in the Linux Kernel was reported by Redhat, and its CVE code is 2022-3977. The problem is that the most recent Linux kernel upstream contains a use-after-free vulnerability called mctp sk unhash that may be exploited to elevate privileges to root.
You might have heard that the VENOM vulnerability might be worse than Heartbleed, but is that true? What is VENOM? What can you do about it.
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days.
Made public earlier this year was Spectre-BHB / BHI as a speculative execution vulnerability similar to Spectre V2 and affecting Intel and Arm CPUs.
Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week.
Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities.
SecurityWeek reports that federal agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to remediate within three weeks a Linux kernel bug, tracked as CVE-2021-3493, which has been added to the agency's Known Exploited Vulnerabilities Catalog following active exploitation by the new stealthy Linux malware Shikitega.
Users of the Debian GNU/Linux and Ubuntu Linux distributions received important kernel security updates that address multiple vulnerabilities discovered by various security researchers.
Linux’s Wi-Fi code has some nasty bugs, which can be exploited simply by being near an attacker. Remote code execution is a possibility—no need to actually connect to a malicious Wi-Fi network.
Canonical has released new Linux kernel security patches for all supported Ubuntu releases to address various security vulnerabilities discovered in the upstream kernel packages.
A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added half a dozen vulnerabilities to its catalog of Known Exploited Vulnerabilities and is ordering federal agencies to follow vendor’s instructions to fix them.
Google Chrome users on Windows, Mac, and Linux need to install the latest update to the browser to protect themselves from a serious security vulnerability that hackers are actively exploiting.
Microsoft Azure customers running Canonical's Ubuntu 18.04 (aka Bionic Beaver) in the cloud have seen their applications fail after a flawed security update to systemd broke DNS queries.
Researchers have revealed details about a long-standing security vulnerability that has been active in the Linux kernel for over eight years. The cybersecurity analysts from Northwestern University (Zhenpeng Lin, Yuhang Wu, and Xinyu Xing) described it as:- “As Nasty As Dirty Pipe”.
A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference.
British Linux distributor Canonical is releasing security updates to the Linux kernel for Ubuntu 22.04 LTS (“Jammy Jellyfish”) and Ubuntu 20.04 LTS (“Focal Fossa”), patching vulnerabilities in its operating systems. The vulnerabilities fixed could lead to a Denial of Service (DOS) lead.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
The developers of LibreOffice have released updates for the open source Office suite to patch three security issues.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
