LibreOffice Security Update Fixes Macro Execution Bypass and Potential Password Leaking
The developers of LibreOffice have released updates for the open source Office suite to patch three security issues.
Discover Security Vulnerabilities News
Linux x86 32-bit Is Vulnerable To Retbleed But Don't Expect It To Get Fixed
While relevant Intel and AMD processors have been mitigated for the recent Retbleed security vulnerability affecting older generations of processors, those mitigations currently just work for x86_64 kernels and will not work if running an x86 (32-bit) kernel on affected hardware. But it's unlikely to get fixed unless some passionate individual steps up as the upstream developers and vendors have long since moved on to just caring about x86_64.
Linux Lands Fix For A Trivial Lockdown Bypass Bug
Merged yesterday afternoon to the mainline Linux 5.19 Git kernel and set for back-porting is a fix for a new security bug. Oracle made public CVE-2022-21505 on Tuesday as a trivial bypass to the Linux kernel's lockdown mode.
Retbleed Fixed in Linux Kernel, Patch Delayed
Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing.
Torvalds: Linux Kernel Team Has Sorted Retbleed Chip Flaw
Linux kernel developers have addressed the Retbleed speculative execution bug in older Intel and AMD silicon, but the fix wasn't straightforward, so emperor penguin Linus Torvalds has delayed delivery of the next version by a week.
Pixel 6 and Galaxy S22 Affected by Major New Linux Kernel Vulnerability
A seemingly major vulnerability has been discovered by security researcher and Northwestern PhD student Zhenpeng Lin, affecting the kernel on the Pixel 6 and 6 Pro and other Android devices running Linux kernel versions based on 5.10 like the Galaxy S22 series. Precise details for how the vulnerability works have not yet been published, but the researcher claims that it can enable arbitrary read and write, privilege escalation, and disable SELinux security protections — in short, this is a biggie.
