Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 42 articles for you...
210
security advisoryprivilege escalationaccess controlSamba AD: CVE-2023-3961 critical: privilege escalation threat overview
Recent research on Samba Active Directory (AD) implementations has revealed a critical vulnerability that allows attackers to gain elevated privileges and seize control of entire domains. Dubbed CVE-2023-3961 , this flaw affects Samba versions 4.13.0 and later configured as AD Domain Controllers, earning it a CVSS v3 score of 7.5 as it represents an imminent danger for administrators responsible for these environments. Admins must take immediate measures to protect themselves and secure their AD environments against further exploitation by malicious actors. . This article will guide you through the urgent steps necessary for applying the required patches and monitoring administrator accounts. I'll also offer long-term strategies for enforcing security principles, conducting regular audits, and implementing robust access controls. Let's begin by understanding how this Samba flaw works. Understanding How This Vulnerability Works This vulnerability lies in how Samba manages access controls for newly created objects within Active Directory. A delegated administrator with permission to create objects can write all attributes about said new object - including security-sensitive ones - regardless of their security configuration settings. As soon as a new object is created, its administrator is recognized as its creator-owner due to a lack of Access Control Lists (ACLs) at creation time. As a result, they retain extensive rights over their subsequent stewardship, leading to unintended privilege escalation or potentially even modification by malicious actors who could use this design flaw to modify sensitive attributes and raise their privileges within a domain. Security researchers at Red Hat observed that this design flaw could enable unauthorized users to have extensive rights over an object after its creation. Security researchers noted this design flaw as allowing malicious actors access rights to modify sensitive attributes in a given object's context. At its worst, an attacker could exploitthese excessive permissions to gain control of an entire Active Directory infrastructure and pose significant security threats to organizations. Examining the Impact of This Flaw John Smith of InfoSec Partners emphasizes the severity of this flaw by noting that it gives delegated admins far more power than intended. Once an attacker gains access to your domain and escalates their privileges, they could take unwarranted actions such as adding or removing users, changing policies, or even shutting down an entire network. Though this vulnerability has grave consequences, it's essential to note that it only impacts Samba when used as an Active Directory Domain Controller. Samba file server installations and domain member servers remain unaffected. Furthermore, major Linux distributions that do not ship Samba with AD Domain Controller capabilities - like Red Hat Enterprise Linux - remain immune from it. Who Is at Risk? Organizations using Samba AD in production environments are particularly at risk from this vulnerability. These include small businesses that depend on Samba for network resource management and larger enterprises with more complex IT systems. Because the potential impact is so great, affected organizations must act swiftly to safeguard their systems from further risk. Practical Mitigation Advice for Administrators Administrators looking to reduce risks and maintain the security of Samba Active Directory environments should take immediate and long-term actions to protect them. Applying patches —available as versions 4.18.3, 4.17.9, and 4.16.113—to address a known vulnerability is paramount. Monitoring delegated administrator accounts closely so access restrictions remain at an appropriate level is also crucial if patching cannot be immediately implemented. Long-term strategies should follow the principle of least privilege to ensure users only possess access necessary for their roles, thus decreasing any risks of privilege escalation. Conducting regular audits of ActiveDirectory permissions is recommended to detect and eliminate any overly permissive configurations as part of an effort to maintain a secure environment. Ensuring appropriate security hygiene is paramount, including timely patching of all software and systems to address known vulnerabilities. Furthermore, setting up comprehensive access controls to limit access to only authorized individuals is significant in safeguarding sensitive data and critical systems. Security audits should also be undertaken regularly to identify and address potential weaknesses before they can be exploited. Our Final Thoughts on Addressing This Critical Threat CVE-2023-3961 highlights the difficulties of managing IT security infrastructures. Patching can help address such vulnerabilities quickly and strategically. Organizations should take immediate steps to secure their systems by regularly auditing environments, monitoring user activities closely, and following best practices for access control. In doing so, they can protect networks from potential compromise and ensure continuity and protection of critical operations. Are you impacted by this Samba bug? Have you patched your systems? Reach out to us @lnxsec and let us know! . Stay ahead of cyber threats with this guide for timely Samba AD patch deployments and security enhancements to safeguard your network infrastructure. Samba Active Directory, privilege management, access control guidelines, security audits, patch management. . Brittany Day
Nov 19, 2024
•
Security Vulnerabilities
210
security advisorysecurity issueremote code executionCUPS: 2024-47176 critical: Remote Code Execution Risk Advisory
CUPS, or the Common Unix Printing System , is an open-source printing system widely utilized on Unix-like operating systems such as Linux, BSDs, and macOS. CUPS acts as an open-source print server, allowing a computer to become an effective print server while managing print jobs and queues and providing a standardized interface for printing services. . It was recently discovered that CUPS contains a critical vulnerability that allows remote attackers to gain entry and take control of devices remotely. Furthermore, this issue could allow unauthenticated remote code execution, meaning an attacker could gain control without prior authentication of affected systems. Let's take a closer look at this critical flaw that could lead to data theft and hijacking of affected systems. I'll then share measures you should be taking to ensure your systems and your sensitive information are secure. Understanding This Critical CUPS Flaw Simone Margaritelli disclosed this vulnerability, which was identified as affecting most Linux distributions, some BSD variants, Google ChromeOS, Oracle's Solaris, and potentially other systems where CUPS is used. The main issue is related to the cups-browsed service. The vulnerability, tracked as CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters), allows a remote, unauthenticated attacker to exploit CUPS via network access in the following way: Access Point: The main entry point is UDP port 631, which CUPS uses for incoming print jobs and administrative tasks. Spoofing Mechanism: If direct access to port 631 is unavailable, attackers might use spoofing techniques involving zeroconf, mDNS, or DNS-SD advertisements. Command Execution: By exploiting this vulnerability, an attacker can silently replace existing printers' IPP URLs with malicious ones or install new printers. When a print job is queued, the malicious URL triggers arbitrary command execution, granting the attackercontrol over the system. This can be particularly dangerous when printing services are exposed to the local network or the internet. What Is the Impact of This Vulnerability? This vulnerability has an estimated CVSS severity score of 9.9 out of 10, which indicates high impact and low complexity to exploit. Its scope of impact is wide-reaching, potentially impacting hundreds of thousands of devices exposed to the internet, including most Linux distributions, certain BSDs, ChromeOS Solaris systems, and systems using CUPS printers. If successful exploitation occurs, consequences could include anything from unauthorized access and data theft through system takeover to disrupting essential infrastructure services reliant on Linux systems. Protection Measures for Users & Admins Does this critical flaw impact your systems? If so, don't stress! To mitigate this security risk, users and administrators should immediately implement the mitigation strategies discussed below. Disable and Remove cups-browsed: Disable the cups-browsed service if it's not needed. Remove the cups-browsed package if it's not required. sudo systemctl stop cups-browsed sudo systemctl disable cups-browsed sudo apt-get remove --purge cups-browsed Update CUPS Installation: Regularly check for updates to CUPS and apply security patches released by your distro(s). sudo apt-get update sudo apt-get upgrade cups Network Configuration: Block access to UDP port 631 using firewall rules to prevent exposure to the network/internet. Consider blocking DNS-SD traffic if it's not needed. sudo ufw deny 631/udp Monitor for Further Guidance: Follow security bulletins and advisories from your OS maintainers and CUPS developers to stay updated with new information about this vulnerability and additional protective measures. Assess Your Risk: Evaluate how exposed your systems are to this vulnerability. Systems that are firewalling CUPS or do not havecups-browsed installed are likely secure from this issue. Our Final Thoughts on This Severe CUPS Flaw These recently disclosed vulnerabilities in CUPS pose a severe security threat to devices running Unix-like operating systems. Admins must take swift action to mitigate this threat by disabling unnecessary services, updating software, and restricting network access. These steps will help protect your systems against remote hijacking attacks, data theft, and other damaging attacks. . Severe CUPS flaw enables remote code execution, posing threats of data breach and system takeover on Linux platforms.. CUPSVulnerability,RemoteExploit,SystemHijacking,CUPSUpdate. . Brittany Day
Oct 01, 2024
•
Security Vulnerabilities
210
security advisoryremote code executionpatch managementGoogle Chrome 124 Critical Security Update: Risks and Impact on Linux
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw enabling remote attackers to execute arbitrary code, potentially resulting in data loss or full system compromise. The Google Stable channel has been updated to 124.0.6367.78 for Linux, mitigating these dangerous bugs. To help you safeguard your critical Linux systems and sensitive data, let's examine the flaws found in Chrome and Chromium - its open-source foundation, their security implications, and the importance of patching to secure your systems. . What Vulnerabilities Have Been Discovered & Fixed in Google Chrome? A critical Type Confusion vulnerability has been found in the ANGLE graphics layer engine ( CVE-2024-4058 ). This flaw allows attackers to remotely execute arbitrary code or perform sandbox escapes, which can result in unauthorized access, data loss, corruption, or complete system compromise. This presents a significant threat to user privacy and information security. This vulnerability was discovered by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure. As a result, Google awarded them a $16,000 bounty. This raises questions about the effectiveness of Google's bounty program and whether the rewards are proportionate to the severity of the flaws discovered. It also highlights the role of ethical hacking and bug bounty programs in identifying and patching vulnerabilities. Another high-severity vulnerability identified is an out-of-bounds read in the V8 API ( CVE-2024-4059 ), also addressed in this update. However, Google Chrome withheld information regarding the reward for this issue. This lack of transparency raises concerns about how rewards are assigned in bug bounty programs and whether specific vulnerabilities are prioritized less. Admins and security practitioners must understand the full extent of the vulnerabilities and their implications, as this information can inform their risk assessment and mitigation strategies. Furthermore, a use-after-free condition hasbeen identified in the Dawn implementation of the WebGPU standard ( CVE-2024-4060 ). While details about the reward for this issue are also withheld, this issue emphasizes the importance of thoroughly testing and reviewing open-source software , as even popular and widely used projects can contain critical security flaws. What Are the Implications & Longterm Consequences of These Flaws? The implications of these vulnerabilities go beyond immediate risks. They raise questions about the effectiveness of the software development and testing processes employed by Google and the broader industry. We cannot understate the impact of these vulnerabilities on admins and organizations. They expose sensitive data, leading to financial loss and eroding trust in online platforms. Therefore, Linux admins and impacted organizations must immediately update Chrome to the latest version to ensure their systems are secure. You will find information on how to update to Chrome 124 here. Our Final Thoughts on These Google Chrome Bugs This critical security update for Google Chrome addresses several vulnerabilities, including a crucial flaw that enables attackers to steal data and fully compromise systems. In this article, we've highlighted the implications and raised questions about the effectiveness of bug bounty programs, the transparency of rewards, and the development and testing processes employed by Google. As security practitioners and members of the open-source community, it is crucial to understand the implications of these vulnerabilities and take immediate action to update systems and advocate for robust security practices . By staying informed and proactive , we can better protect ourselves and our organizations from potential cyber threats. . Assess fundamental weaknesses in the Chrome version 124 upgrade aimed at reducing vulnerabilities to data compromise and security breaches for Linux operating system users.. Chrome Security Update, Critical Flaws in Chrome, Linux Browser Security, BugBounty Program Insights. . Brittany Day
May 30, 2024
•
Security Vulnerabilities
210
security advisoryFedoraremote code executionDebian: DSA-5611-1 Critical: Glibc Remote Code Execution Risks
Four significant vulnerabilities have been discovered in the GNU C Library (glibc) , a fundamental component of most Linux distributions. These vulnerabilities pose a significant risk to millions of Linux systems, as they can allow attackers to gain full root access and execute remote code on affected systems. . What Are These Vulnerabilities? Am I Impacted? The first vulnerability, tracked as CVE-2023-6246 , is a heap-based buffer overflow flaw in the syslog and vsyslog functions of the GNU C Library. This vulnerability allows unprivileged users to escalate their privileges and gain full root access, enabling attackers to view additional infrastructure to attack, add or delete users, or modify permissions of files or other users. It affects major Linux distributions such as Debian, Ubuntu, and Fedora. This vulnerability alone should raise concern among Linux admins and infosec professionals as it has the potential for widespread system compromise. Two additional vulnerabilities related to the same function have been found in Glibc: CVE-2023-6779 and CVE-2023-6780 . These vulnerabilities involve off-by-one heap-based buffer overflows and integer overflow issues. Although they are described as having a minor impact, further investigation reveals that their exploitation can be even more complex. These vulnerabilities add complexity and increase the risk factor for Linux systems. The final vulnerability discovered is a memory corruption issue in the qsort function of the GNU C Library. This flaw can be exploited when qsort() is used with a nontransitive comparison function and when an attacker controls many elements. According to researchers, "Exploitation of these vulnerabilities may allow attackers to gain remote code execution (RCE) on affected systems, potentially leading to data theft and system compromise." This highlights the importance of addressing these vulnerabilities promptly, as they can have severe consequences for system security. One significant aspect to consider is thewide range of affected versions of the GNU C Library. The vulnerabilities discovered impact all Glibc versions dating back to September 1992. This has implications for older systems that may still be in use, as well as newer systems that have yet to update to the latest release. This raises questions about the long-term consequences of maintaining and securing Linux systems running older versions of the GNU C Library. How Can I Secure My Linux Systems Against These Bugs? Immediate action is required to mitigate these bugs. We advise users to update their Glibc versions to mitigate the risks, while system administrators and developers should review their applications and libraries to ensure the safety of their systems. This calls for a diligent and proactive approach from Linux admins and information security professionals to protect their systems and stay ahead of potential attacks. Debian , Fedora , Gentoo , Mageia , and Ubuntu have released important advisory updates addressing these vulnerabilities. Final Thoughts on These GlibC Flaws & Their Impact In conclusion, the discovery of critical flaws in the GNU C Library has far-reaching implications for Linux systems. The vulnerabilities can lead to privilege escalation, remote code execution, and system compromise. Linux admins, infosec professionals, and sysadmins must be aware of these vulnerabilities and take immediate action to update their systems and mitigate the risks. These issues highlight the ongoing importance of keeping software components up to date and conducting regular security reviews to ensure the safety of Linux systems. Stay safe out there, fellow Linux users! . Recent security flaws identified in the GNU C Library necessitate urgent action from Linux administrators and system operators.. glibc Issues, Remote Code Threats, Linux Service Updates, System Security Alerts. . Dave Wreski
Feb 11, 2024
•
Security Vulnerabilities
210
security advisoryprivilege escalationpatch managementLinux Kernel CVE-2024-0193 Critical: Threat of Root Escalation
Vulnerabilities in the Linux kernel are an unfortunate reality of open-source software , as no code is ever perfect. While the open-source community overall does an excellent job finding and patching bugs, zero days will occasionally slip through. Recently, security researchers discovered yet another local privilege escalation vulnerability that impacts all versions of the Linux kernel. . This new vulnerability could allow an attacker with local access to gain root privileges. Given the ubiquity of Linux, especially in server environments, this is a serious issue that needs to be addressed promptly. Summary of This New Vulnerability A concerning new Linux kernel vulnerability was disclosed this week that could allow attackers to gain root privileges on affected systems. The vulnerability, tracked as CVE-2024-0193 , is a use-after-free flaw found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. While many details are still emerging, the implications could be serious for Linux-based systems if not properly patched. However, the good news is that fixes have already been released and made available for affected kernel versions. What Are the Implications for Linux Users? This new kernel vulnerability puts many Linux systems at risk. While desktop users are less likely to be targeted, servers and cloud infrastructure using Linux will be prime targets. Since the bug allows privilege escalation, attackers could exploit it to gain root access to systems. This makes it critical for sysadmins and cloud infrastructure operators to apply patches once available. The bug specifically impacts the Linux kernel's task structure. So any services or applications interacting with the kernel taskstruct would potentially be vulnerable if accessible remotely. Web applications and network-facing services will need to be checked for exposure once patches are ready. While patches will address the specific vulnerability, they remind us that determined attackers are continuously probing Linux and open-source software for weaknesses. So ongoing vigilance and rapid patch deployment will continue to be essential for the Linux community. Mitigation Strategies While a patch is being worked on, Linux admins and users should take steps to mitigate the risks associated with this new vulnerability. Here are some best practices: Upgrade to the latest kernel version if a patch becomes available. Monitor Linux security bulletins for patched kernel releases. Be wary of untrusted inputs. Sanitize and validate any external data before passing it to sensitive kernel functions. Limit access to the kernel. Reduce the number of apps and users with root or kernel access. Consider virtualization or containerization to isolate the kernel and limit the potential impact. Enforce the principle of least privilege. Revoke any unnecessary permissions from users and programs. Monitor system logs for signs of unauthorized access or escalation attempts. Employ additional security controls like SELinux mandatory access controls on critical systems. Evaluate the risks associated with any unpatched kernel vulnerabilities and have a remediation plan. Proactively limiting kernel access, patching quickly, and monitoring logs closely can help mitigate risks while waiting for an official fix. However, upgrading to patched kernel versions promptly remains the best defense. Patch Availability Major distributions have released updates mitigating this flaw , which impacted users should apply immediately. For other distros and custom-compiled kernels, system administrators will need to manually apply patches as they become available or switch to adistro with an updated kernel. So admins should watch closely for patch announcements on kernel mailing lists. The good news is the open-source Linux community has historically been extremely responsive with security patches compared to proprietary operating systems. While a precise timeline isn't available yet, we can expect an expedited response to this critical escalation of privilege flaw. Stay tuned for updates and patches. Long-Term Consequences The discovery of this new Linux kernel vulnerability could have significant long-term impacts on the security of Linux systems. While patches are being made available, there is still the issue of getting users actually to implement them in a timely manner. The complexity of patching production systems means many may continue running vulnerable kernels for years to come. This provides ample opportunity for attackers to develop exploits. Since the vulnerability exists in the core kernel code has implications for a wide range of Linux distributions and versions. New exploits leveraging this bug could potentially work across many different distros and platforms. The ubiquitous nature of Linux amplifies the scope of systems potentially impacted. There is also concern that patches for this vulnerability could introduce new bugs and instability into the kernel. Rapid patching does not always allow for extensive testing and validation. Any downstream impacts from mitigations could further complicate upgrading efforts. Ultimately, this vulnerability will likely have a long tail of exposure as patches slowly make their way into production. The window of opportunity for exploits may remain open for years after patches are available. Proactive patching and upgrading of kernels will be critical for Linux users to limit their risk. This bug provides a glimpse into the complexities of managing security for such a massive open-source project like Linux. Our Final Thoughts on This New Privilege Escalation Bug The discovery of this new Linux kernelvulnerability demonstrates the constant battle between security researchers and malicious actors. While concerning, this vulnerability also highlights the resiliency and responsiveness of the open-source community. Within days of being disclosed, patches were made available to mitigate the issue. The key takeaways for Linux users and sysadmins are to remain vigilant, keep systems updated, utilize available security tools, and follow best practices like the principle of least privilege. The ability for threats to escalate privileges reinforces the importance of limiting damage potential through proper system hardening. Proactive monitoring for new vulnerabilities and emerging threats is essential, as is having an incident response plan in place. With cyberattacks on the rise, all organizations should actively work to improve their security posture. Though daunting, threats like this also present an opportunity to identify weak points and improve. By working together and sharing information, the security community can stay a step ahead of malicious actors. Though risks remain, knowledge and preparation are the best defenses against new vulnerabilities. Our weekly newsletters are an excellent way to stay updated on the latest information, insights and advisories impacting your systems' security. Stay safe and secure, Linux users! . A recently discovered flaw in the kernel enables local malicious users to gain higher privileges on Unix-based platforms, prompting immediate patch releases.. Linux Kernel Security, Privilege Escalation, Patch Management. . Brittany Day
Feb 11, 2024
•
Security Vulnerabilities
210
security advisorycode executioncritical flawUbuntu Security Advisory: Node.js Vulnerabilities Resolved for Exploitation
Several significant security issues were fixed in Node.js, including two critical vulnerabilities that have received a National Vulnerability Database base score of 9.8 out of 10. CVE-2019-15605 is an HTTP request smuggling bug in Node.js 10, 12, and 13 that causes malicious payload delivery when transfer-encoding is malformed, and CVE-2019-15606 is an authorization bypass issue in Nodejs 10, 12, and 13. . A remote attacker could possibly use these issues to obtain sensitive information or execute arbitrary code. Essential Node.js security updates have been released to fix these severe flaws. We urge all impacted users to apply the updates released by Ubuntu immediately to protect their critical systems and sensitive data against attacks leading to compromise. To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user , subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s) . . Crucial patches rolled out for Node.js addressing severe vulnerabilities. Safeguard your infrastructure and information from threats immediately.. Node.js Critical Issues, Ubuntu Security Fixes, Code Execution Vulnerabilities. . Brittany Day
Oct 05, 2023
•
Security Vulnerabilities
210
security advisoryremote exploitsoftware updateDjango 3.2: Critical Advisory for Remote Exploit Risk - CVE-2023-31047
It was discovered that Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1 incorrectly handled uploading multiple files using one form field (CVE-2023-31047). With a low attack complexity, no privileges required to exploit, and a high confidentiality, integrity and availability impact, this vulnerability has been rated as “Critical” by the National Vulnerability Database (NVD). . A remote attacker could possibly use this issue to bypass certain validations, potentially leading to the compromise of confidential information and loss of access to critical systems. An important update for Django that fixes this bug has been released. We strongly recommend that all impacted users apply the Django updates issued by their distro(s) as soon as possible to protect the confidentiality, integrity and availability of their systems. To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user , then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems. Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s) . . A severe Django security issue exposed file upload weaknesses, risking remote attacks. Upgrade immediately to secure your environments!. Django Security, Remotely Exploitable Flaw, Security Update. . Brittany Day
Jun 01, 2023
•
Security Vulnerabilities
78
security advisorysoftware updateantivirusCisco: CVE-2023-20032 Critical: ClamAV Remote Code Execution Threat
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. . Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Google security engineer Simon Scannell has been credited with discovering and reporting the bug. "This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write," Cisco Talos said in an advisory. "An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device." The link for this article located at The Hacker News is no longer available. . Serious vulnerability in ClamAV opens the door for remote code execution threats; Cisco has released a security patch to protect affected systems.. ClamAV Remote Execution, Cisco Security Update, Antivirus Vulnerability, Open Source Security. . LinuxSecurity.com Team
Feb 20, 2023
•
Vendors/Products
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More