The local privilege escalation vulnerability in the Linux Kernel was reported by Redhat, and its CVE code is 2022-3977. The problem is that the most recent Linux kernel upstream contains a use-after-free vulnerability called mctp sk unhash that may be exploited to elevate privileges to root.
You might have heard that the VENOM vulnerability might be worse than Heartbleed, but is that true? What is VENOM? What can you do about it.
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days.
Made public earlier this year was Spectre-BHB / BHI as a speculative execution vulnerability similar to Spectre V2 and affecting Intel and Arm CPUs.
Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week.
Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities.
SecurityWeek reports that federal agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to remediate within three weeks a Linux kernel bug, tracked as CVE-2021-3493, which has been added to the agency's Known Exploited Vulnerabilities Catalog following active exploitation by the new stealthy Linux malware Shikitega.
