Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found 4 articles for you...
210
security advisoryRed Hatprivilege escalationRed Hat: CVE-2024-9050 Important: NetworkManager-libreswan Flaw
Red Hat recently discovered a severe flaw in the NetworkManager-libreswan plugin, allowing local attackers to escalate privileges and gain root access to impacted Linux systems. Tracked as CVE-2024-9050 , this vulnerability has received a Common Vulnerability Scoring System (CVSS) base score of 7.8, underscoring its high severity. . To help you understand this critical bug and measures you can take to practively secure your systems, I'll explain how it works, who is affected, and practical mitigation strategies we admins can implement to reduce risk. Let's begin by understanding the nature of this flaw. Understanding The Nature of This NetworkManager Flaw This vulnerability lies within the NetworkManager-libreswan plugin. It specifically involves its failure to properly sanitize VPN configurations from unprivileged users. The plugin utilizes an executable command, accepting a parameter known as leftupdown, which links NetworkManager-libreswan and NetworkManager for callback functions. The heart of the problem lies in the improper handling of special characters in key-value format configuration, which allows attackers to manipulate values so they are mistakenly taken as keys. Since NetworkManager uses Polkit for unprivileged users to manage network configurations, this vulnerability provides a possible route for local privilege escalation, leading to root-level code execution. What Is the Impact of This Bug on Affected Systems? This flaw affects multiple versions and platforms of Red Hat Enterprise Linux (RHEL), such as RHEL 9.0 Update Services for SAP Solutions and Red Hat Enterprise Linux Server AUS 7.7. Additionally, various architectures may be affected, such as x86_64, ppc64le, aarch64, and s390x. Red Hat has classified this security issue as "Important" and issued patches via multiple security advisories ( RHSA-2024:8312 and RHSA-2024:8338 ). Furthermore, NetworkManager-libreswan packages that address this vulnerability across platforms are now available. Systemadministrators should immediately upgrade affected systems to the latest versions despite available patches. Delaying updates leaves systems vulnerable to exploitation. Who Is at Risk? This vulnerability poses the greatest danger in environments where local users possess network configuration privileges. Server environments typically face lower risks because their local users usually don't have the permissions necessary to exploit this flaw. Still, their risk is higher when local users possess such privileges. Practical Mitigation Strategies for Red Hat Sysadmins System administrators can take various practical steps to mitigate vulnerabilities such as this flaw and secure their systems more effectively. Admins should update NetworkManager-libreswan packages immediately, thus mitigating any identified vulnerabilities and preventing exploitation. Admins must also restrict local user privileges when patch applications cannot be applied to prevent unintended changes to network configuration. Polkit can help administrators do this. However, restricting local user control may have detrimental effects on devices that rely on this mechanism for network administration, such as laptops. Auditing and monitoring network configurations are also integral in detecting unauthorized changes or suspicious activities that could compromise network security. Any anomalies should be promptly investigated to ensure they do not constitute exploits of newly discovered vulnerabilities. User education and upholding the principle of least privilege are equally vital components. Informing local users about potential security threats associated with network configurations and only providing necessary permissions will limit unapproved access and exploitative efforts. Deploying security tools is also vital to increasing system protection. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) provide extra layers of defense against malicious activities by detecting privilege escalationattempts and warning of suspicious activities. Regularly reviewing and strengthening security policies is crucial to protecting systems against emerging threats and vulnerabilities. Adopting best practices and adhering to security standards are effective strategies for increasing systems' protection. Network segmentation can decrease risks by isolating critical systems and data from other network parts. Access should only be granted to individuals who require it, thus minimizing attack surfaces and potential exploits. Finally, maintaining regular backups of critical data and pre-tested disaster recovery plans helps ensure rapid recovery during a security breach or exploit. These comprehensive mitigation strategies will increase system resilience against flaws like this NetworkManager-libreswan bug. Our Final Thoughts on Addressing This Severe Vulnerability The NetworkManager-libreswan flaw in Red Hat systems is an urgent security threat, highlighting the importance of input sanitization and privilege management within networking-related software components. While Red Hat has provided patches to address this vulnerability, system administrators must act swiftly to update affected systems with these patches as soon as they become available while taking additional preventive steps against potential exploits. By taking proactive measures such as applying patches , restricting local user privileges, auditing network configurations, educating users about security policies and tools deployed, segmenting networks for maximum protection, maintaining backup plans, and maintaining robust disaster recovery plans, organizations can significantly bolster their security posture against vulnerabilities such as this flaw. Employing an all-encompassing security strategy will address this particular vulnerability and build resilience against future threats and attacks. . Address the NetworkManager-libreswan flaw in Red Hat systems with proactive measures to enhance your security posture..NetworkManager-libreswan flaw, Red Hat security measures, privilege escalation mitigation, security updates. . Brittany Day
Oct 24, 2024
•
Security Vulnerabilities
210
security advisorybuffer overflowcriticalLinux Kernel CVE-2023-0179 Critical: Privilege Escalation Threat
A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. . Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the tracking number CVE-2023-0179, is a stack-based buffer overflow that exists in the Netfilter subsystem. An authorized attacker might exploit this issue to get elevated privileges as root if the attacker executed a program that had been carefully written for the purpose. The Linux kernel has a framework known as netfilter that enables a variety of networking-related actions to be performed in the form of individualized handlers. This may be accomplished by filtering incoming network packets. Netfilter provides the functionality necessary for directing packets through a network and preventing packets from reaching sensitive locations within a network by offering a variety of functions and operations for packet filtering, network address translation, and port translation. [1] These features allow Netfilter to provide the functionality required for directing packets through a network. . A recently uncovered vulnerability in the Linux kernel enables local adversaries to execute malicious code on compromised machines.. Privilege Escalation, Linux Kernel Vulnerability, Malware Execution. . Brittany Day
Jan 17, 2023
•
Security Vulnerabilities
210
security advisorysecurity issuekernel updateUbuntu LTS 22.04, 20.04, 18.04: Security Advisory For Kernel Update
Canonical has released a new Linux kernel security updates for all supported Ubuntu LTS releases to address up to 16 vulnerabilities discovered by various security researchers. . The new Linux kernel security updates are about one month after the previous kernel update , which patched the recently disclosed Wi-Fi driver stack vulnerabilities, and are available only for all supported Ubuntu LTS (Long-Term Support) versions, including Ubuntu 22.04 LTS (Jammy Jellyfish), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver). Fixed in this new Linux kernel update are a total of 16 vulnerabilities, including five that are common to all supported Ubuntu releases. These are CVE-2022-2978 , a use-after-free vulnerability discovered by Hao Sun and Jiacheng Xu in the NILFS file system implementation that could allow a local attacker to crash the system or execute arbitrary code, CVE-2022-3028 , a race condition discovered by Abhishek Shah in the PF_KEYv2 implementation that could allow a local attacker to expose sensitive information (kernel memory) or crash the system, and CVE-2022-3635 , a use-after-free vulnerability discovered in the IDT 77252 ATM PCI device driver that could allow a local attacker to crash the system or execute arbitrary code. The link for this article located at 9 to 5 Linux is no longer available. . Canonical has rolled out fresh updates for the Linux kernel to fix 16 security flaws affecting all supported Ubuntu LTS versions.. Ubuntu Kernel Updates, System Security Patch, LTS Security Fixes. . Brittany Day
Nov 17, 2022
•
Security Vulnerabilities
210
security advisorycriticalcode executionLinux Kernel Advisory: Critical Malicious Code Execution Threats
A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code. . The roccat_report_event function in drivers/hid/hid-roccat.c has a use-after-free vulnerability identified as CVE-2022-41850 (CVSS score: 8.4). A local attacker might exploit this flaw to run malicious script on the system by submitting a report while copying a report-> value . Patch has be released to addresses the Linux Kernel 5.19.12 vulnerability CVE-2022-41850. . Uncover three vital vulnerabilities in the Linux kernel that may permit attackers to execute harmful code, potentially enabling them to seize control over compromised systems.. Linux Kernel,Critical Flaws,Code Execution,Malicious Code,Security Advisory. . Brittany Day
Oct 09, 2022
•
Security Vulnerabilities
78
security advisorydenial of servicekernel updateUbuntu 20.04 & 18.04 Live Patch Critical DoS Prevention Update
Canonical has released a new Linux kernel live patch for its Ubuntu 20.04 LTS and Ubuntu 18.04 LTS OS series to address a single security vulnerability in Linux kernel’s Shiftfs out-of-tree stacking file system, which could have allowed a local attacker to cause a denial of service (memory exhaustion) or gain root privileges by executing arbitrary code. . This new Linux kernel live patch security update comes hot on the heels of the latest Linux kernel security updates released by Canonical last week for all supported Ubuntu Linux releases. It’s available for users of the Ubuntu 20.04 LTS (Focal Fossa) and Ubuntu 18.04 LTS (Bionic Beaver) operating systems who use the Canonical Livepatch Service for rebootless kernel updates and fixes a single security vulnerability. The link for this article located at 9 to 5 Linux is no longer available. . Canonical has released a kernel patch for Ubuntu 20.04 and 18.04 to fix a critical security vulnerability. Download it now to secure your system. Ubuntu Kernel Patch, Canonical Livepatch, Linux Kernel Security. . LinuxSecurity.com Team
May 21, 2021
•
Vendors/Products
78
security advisoryRed HatkernelRed Hat 7 and CentOS 7 Kernel Security Update: Important Fixes
Red Hat and CentOS have announced the availability of important kernel security updates for their Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series that address two security vulnerabilities and numerous other bugs. Learn more: . Marked by Red Hat Product Security as having a security impact of "Important," the new Linux kernel security update is here to patch two vulnerabilities, namely CVE-2019-14821 , an out-of-bounds memory access issue via MMIO ring buffer discovered in Linux kernel's KVM hypervisor, and CVE-2019-15239 , a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially in privilege escalation. Additionally, the kernel update also addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, NULL pointer dereference at check_preempt_wakeup+0x109, panic in pick_next_task_rt, "Detected Tx Unit Hang" error with adapter reset, broken load balancing over VF LAG configuration, security issues on crypto vmx driver, XFS hangs on acquiring xfs_buf semaphore, single CPU VM hangs during open_posix_testsuite, and many others. The link for this article located at Softpedia News is no longer available. . Latest kernel release for Fedora and CentOS tackles severe vulnerabilities and multiple glitches, preserving system stability.. Kernel Updates, Red Hat Security, CentOS Updates, Important Fixes. . LinuxSecurity.com Team
Dec 05, 2019
•
Vendors/Products
77
security advisoryremote accesslocal attackNetBSD 5.0.2 Security Advisory: Issues with TLS Session Renegotiation
The NetBSD development team have announced the release of the second "critical/security" update of the 5.0 release branch, NetBSD 5.0.2. The latest maintenance release includes a number of important security and stability fixes for the BSD based operating system.. NetBSD 5.0.2 features two fixes related to security advisories, including an issue in the OpenSSL Transport Layer Security (TLS) session renegotiation that could allow an attacker to remotely intercept communication. The developers have disabled TLS session renegotiation in order to prevent Man-in-the-Middle attacks. The second advisory fix corrects an issue that could allow a local attacker to invoke a kernel panic due to issues in the azalia(4) and hdaudio(4) drivers. The link for this article located at H Security is no longer available. . NetBSD 5.0.2 introduces essential patches for OpenSSL SSL concerns and safeguards against kernel crash exploits within audio components.. NetBSD Update, OpenSSL Fixes, Kernel Issues, NetBSD Security, TLS Vulnerability. . LinuxSecurity.com Team
Feb 16, 2010
•
Server Security
67
security advisorycriticalvulnerabilityOpenSSH 3.0.2 Security Advisory: Critical UseLogin Local Attack Fix
OpenSSH 3.0.2 has just been released. This release fixes a vulnerability in the UseLogin option of OpenSSH. This option is not enabled in the default installation of OpenSSH.. . .. OpenSSH 3.0.2 has just been released. This release fixes a vulnerability in the UseLogin option of OpenSSH. This option is not enabled in the default installation of OpenSSH. Date: Tue, 4 Dec 2001 13:48:19 +0100 From: Markus Friedl Reply-To: openssh@openbsd.org To: openssh-unix-announce@mindrot.org, openssh-unix-dev@mindrot.org Cc: openssh@openbsd.org, lwn@lwn.net, announce@openbsd.org, misc@openbsd.org, dengue@deadly.org, news@linuxsecurity.com Subject: OpenSSH 3.0.2 fixes UseLogin vulnerability OpenSSH 3.0.2 has just been released. It will be available from the mirrors listed at https://www.openssh.org/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Important Changes: ================== This release fixes a vulnerability in the UseLogin option of OpenSSH. This option is not enabled in the default installation of OpenSSH. However, if UseLogin is enabled by the administrator, all versions of OpenSSH prior to 3.0.2 may be vulnerable to local attacks. The vulnerability allows local users to pass environment variables (e.g. LD_PRELOAD) to the login process. The login process is run with the same privilege as sshd (usually with root privilege). Do not enable UseLogin on your machines or disable UseLogin again in /etc/sshd_config: UseLogin no We also have received many reports about attacks against the crc32 bug. This bug has been fixed about 12 months ago in OpenSSH 2.3.0. However, these attacks cause non-vulnerable daemons to chew a lot of cpu since the crc32 attack sends a tremendously large amount of data which must beprocessed. OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller and Ben Lindstrom. The following patch fixes the UseLogin vulnerability in OpenSSH 3.0.1 and earlier releases. --- session.c 11 Oct 2001 13:45:21 -0000 1.108 +++ session.c 1 Dec 2001 22:14:39 -0000 @@ -875,6 +875,7 @@ child_set_env(&env, &envsize, "TZ", getenv("TZ")); /* Set custom environment options from RSA authentication. */ + if (!options.use_login) while (custom_environment) { struct envstring *ce = custom_environment; char *s = ce-> s; . OpenSSH 3.1.0 addresses significant vulnerabilities in UseLogin feature, effectively safeguarding against potential local breaches.. OpenSSH, UseLogin, security fix, local risks, software release. . LinuxSecurity.com Team
Dec 04, 2001
•
Cryptography
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More