
Stay Ahead With Linux Security News


Explore Latest Linux Security news


Ubuntu 21.04 Kernel Update: 17 Critical Fixes and Enhancements

Canonical has released a new major Linux kernel security update for Ubuntu 21.04 (Hirsute Hippo), patching a total of 17 security vulnerabilities!

The new Linux kernel security patch is here about a month and a half after Ubuntu 21.04's first kernel update and fixes no less than seven security vulnerabilities (CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147) discovered by Mathy Vanhoef in Linux kernel's Wi-Fi implementation, which could allow a physically proximate attacker to inject packets, decrypt fragments, exfiltrate selected fragments, expose sensitive information or cause a denial of service (system crash).

The new Ubuntu 21.04 kernel update also patches a race condition (CVE-2021-32399) and a use-after-free flaw (CVE-2021-33034) discovered in Linux kernel's Bluetooth subsystem and Bluetooth HCI driver respectively. These issues could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code.

The link for this article located at 9 to 5 Linux is no longer available.

Jun 25, 2021 | Brittany Day | Security Vulnerabilities

Ubuntu 20.10 & 20.04 LTS CVE-2021-26708 Critical: Kernel DoS Attack

Canonical has released a new Linux kernel security update for its Ubuntu 20.10 (Groovy Gorilla) and Ubuntu 20.04 LTS (Focal Fossa) systems to address a single security vulnerability that could allow a local attacker to crash the system by causing a denial of service (DoS) or run programs as an administrator (root).

The vulnerability (CVE-2021-26708) was discovered by Alexander Popov as multiple race conditions in Linux kernel's AF_VSOCK implementation, which could allow a local attacker to crash the system by causing a denial of service or run programs as an administrator (root).

This security issue affects all Ubuntu 20.10 and Ubuntu 20.04 LTS systems running the Linux 5.8 kernel on all supported architectures, including 64-bit, Raspberry Pi (V8) systems, OEM systems, cloud environments (KVM), as well as Amazon Web Services (AWS), Google Cloud Platform (GCP), Oracle Cloud, and Microsoft Azure Cloud systems.

The link for this article located at 9 to 5 Linux is no longer available.

Feb 11, 2021 | Brittany Day | Security Vulnerabilities

Exploring Local Exploit Risks in OpenSSH Security Alerts

When is a 0day in OpenSSH not a 0day? When it's local exploit code. Not the kind that exploits a vulnerability in the system you are logged into, to escalate privilege for example. The kind that takes advantage of potential vulnerabilities in the gray matter between your ears to make a mess of your local system.

A reader wrote in to advise us of a potential 0day in the current version of OpenSSH 5.3/5.3p1 released Oct 1, 2009. He provided a link to a blog post which has what appears to be exploit code. Unfortunately the first thing I did, before I looked at the code, was fire off an email to the OpenSSH list. They responded quite quickly that "It's pretty clear that the code just exploits your local machine...". Woops. A follow-up email says "Looks like a rehash of the fake "exploit" from last July."

So, the good news is, there does not appear to be a 0day on OpenSSH making the rounds. The bad news is, if you ran the code you are rebuilding your system. Worse still, if you emailed all your friends pointing to the 'exploit' code, well, now you look rather foolish.

Lesson one to me, always check things out. Do the research and analysis before crying wolf. Fortunately no harm done. This has to be balanced against the requirement for timeliness of information flow along a contact tree. In this case I erred on the side of alerting quickly.

The link for this article located at SANS is no longer available.

Feb 08, 2010 | LinuxSecurity.com Team | Server Security

Linux Kernel: Multiple DoS And Privilege Escalation Risks Found

Multiple vulnerabilities were identified in Linux Kernel, which could be exploited by malicious [local] users to cause a denial of service and potentially obtain elevated privileges.

The first issue is due to an error in "mm/mempolicy.c" when handling policy system calls, which could be exploited by local attackers to cause a denial of service via a "set_mempolicy" call with a 0 bitmask.

The second flaw is due to a one-byte buffer overrun error in "kernel/sysctl.c" when processing an overly long user-supplied string, which could be exploited by local attackers to potentially execute arbitrary commands.

The third vulnerability is due to an error in "net/ipv4/fib_frontend.c" when processing malformed "fib_lookup" netlink messages, which could cause illegal memory references.

The fourth issue is due to a buffer overflow error in the CA-driver for TwinHan DST Frontend/Card [drivers/media/dvb/bt8xx/dst_ca.c], which could be exploited by malicious users to cause a denial of service or potentially execute arbitrary commands.

The link for this article located at FrSIRT is no longer available.

Jan 04, 2006 | LinuxSecurity.com Team | Vendors/Products

Linux Kernel 2.6.9 Security Advisory: Race Conditions and Exploits

A series of recently announced security flaws open Linux and related technologies to attacks ranging from denials of service and local exploits to the potential for remote system compromise.

Senior Linux developer Alan Cox announced a set of "race conditions" in the Linux kernel that were fixed in Version 2.6.9. The problems are in the terminal subsystem. Patches are also available for the 2.4x kernel, but not the 2.2 kernel.

Cox reports two problems, the first involving a local program performing specific operations with a particular timing, resulting in crashes and "other undefined behavior," including the release of small amounts of random kernel data. The second attack involves dial-up users connecting over PPP (point-to-point protocol) ports and performing a console switch at precisely the right time, causing a crash. The second attack can only be reproduced over direct serial lines, not modems, leading Cox to minimize the possibility of a true remote attack.

The link for this article located at Larry Seltzer is no longer available.

Oct 21, 2004 | LinuxSecurity.com Team | Server Security

Sendmail: 8.11-8.12 Moderate: Input Validation Code Execution Risk

Sendmail contains an input validation error that may lead to the execution of arbitrary code with elevated privileges. Local users may be able to write arbitrary data to process memory, possibly allowing the execution of code/commands with elevated privileges.

---------------------------------------------------------------------------
Security Alert

Subject: Sendmail Debugger Arbitrary Code Execution Vulnerability
BUGTRAQ ID: 3163
CVE ID: CAN-2001-0653
Published: August 17, 2001 MT
Updated: August 20, 2001 MT
Remote: No
Local: Yes
Availability: Always
Authentication: Not Required
Credibility: Vendor Confirmed
Ease: No Exploit Available
Class: Input Validation Error
Impact: 10.00
Severity: 7.50
Urgency: 6.58
Last Change: Updated packages that rectify this issue are now available from Sendmail.
---------------------------------------------------------------------------

Vulnerable Systems:
Sendmail Consortium Sendmail 8.12beta7
Sendmail Consortium Sendmail 8.12beta5
Sendmail Consortium Sendmail 8.12beta16
Sendmail Consortium Sendmail 8.12beta12
Sendmail Consortium Sendmail 8.12beta10
Sendmail Consortium Sendmail 8.11.5
Sendmail Consortium Sendmail 8.11.4
Sendmail Consortium Sendmail 8.11.3
Sendmail Consortium Sendmail 8.11.2
Sendmail Consortium Sendmail 8.11.1
Sendmail Consortium Sendmail 8.11

Non-Vulnerable Systems:

Summary:
Sendmail contains an input validation error that may lead to the execution of arbitrary code with elevated privileges.

Impact:
Local users may be able to write arbitrary data to process memory, possibly allowing the execution of code/commands with elevated privileges.

Technical Description:
An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag() function, which is responsible for processing arguments supplied from the command line with the '-d' switch and writing the values to its internal "trace vector." The vulnerability exists because it is possible to cause a signed integer overflow by supplying a large numeric value for the 'category' part of the debugger arguments. The numeric value is used as an index for the trace vector. Before the vector is written to, a check is performed to ensure that the supplied index value is not greater than the size of the vector. However, because a signed integer comparison is used, it is possible to bypass the check by supplying the signed integer equivalent of a negative value. This may allow an attacker to write data to anywhere within a certain range of locations in process memory.

Because the '-d' command-line switch is processed before the program drops its elevated privileges, this could lead to a full system compromise. This vulnerability has been successfully exploited in a laboratory environment.

Attack Scenarios:
An attacker with local access must determine the memory offsets of the program's internal tTdvect variable and the location to which he or she wishes to have data written. The attacker must craft in architecture specific binary code the commands (or 'shellcode') to be executed with higher privilege. The attacker must then run the program, using the '-d' flag to overwrite a function return address with the location of the supplied shellcode.

Exploits:
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@ .

Mitigating Strategies:
Restrict local access to trusted users only.

Solutions:
Below is a statement from the Sendmail Consortium regarding this issue:

--------------------
This vulnerability, present in sendmail open source versions between 8.11.0 and 8.11.5 has been corrected in 8.11.6. sendmail 8.12.0.Beta users should upgrade to 8.12.0.Beta19. The problem was not present in 8.10 or earlier versions. However, as always, we recommend using the latest version. Note that this problem is not remotely exploitable. Additionally, sendmail 8.12 will no longer use a set-user-id root binary by default.
--------------------

Updated packages that rectify this issue are available from the vendor:

For Sendmail Consortium Sendmail 8.11: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.11.1: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.11.2: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.11.3: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.11.4: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.11.5: Sendmail Consortium upgrade sendmail 8.11.6
For Sendmail Consortium Sendmail 8.12beta10: Sendmail Consortium upgrade sendmail 8.12.0 Beta19
For Sendmail Consortium Sendmail 8.12beta12: Sendmail Consortium upgrade sendmail 8.12.0 Beta19
For Sendmail Consortium Sendmail 8.12beta16: Sendmail Consortium upgrade sendmail 8.12.0 Beta19
For Sendmail Consortium Sendmail 8.12beta5: Sendmail Consortium upgrade sendmail 8.12.0 Beta19
For Sendmail Consortium Sendmail 8.12beta7: Sendmail Consortium upgrade sendmail 8.12.0 Beta19

Credit:
Discovered by Cade Cairns of the Security Focus SIA Threat Analysis Team.

References:
web page: Sendmail Homepage (Sendmail) https://www.proofpoint.com/us/products/email-protection/open-source-email-solution

ChangeLog:
Aug 20, 2001: Updated packages that rectify this issue are now available from Sendmail.
Aug 20, 2001: Updated versions of Sendmail will be available today at 4:00 PDT.
Aug 09, 2001: Initial analysis.

---------------------------------------------------------------------------
HOW TO INTERPRET THIS ALERT

BUGTRAQ ID: This is a unique identifier assigned to the vulnerability by.
CVE ID: This is a unique identifier assigned to the vulnerability by the CVE.
Published: The date the vulnerability was first made public.
Updated: The date the information was last updated.
Remote: Whether this is a remotely exploitable vulnerability.
Local: Whether this is a locally exploitable vulnerability.
Credibility: Describes how credible the information about the vulnerability is. Possible values are:
  Conflicting Reports: There are multiple conflicting reports about the existence of the vulnerability.
  Single Source: There is a single non-reliable source reporting the existence of the vulnerability.
  Reliable Source: There is a single reliable source reporting the existence of the vulnerability.
  Conflicting Details: There is consensus on the existence of the vulnerability but not its details.
  Multiple Sources: There is consensus on the existence and details of the vulnerability.
  Vendor Confirmed: The vendor has confirmed the vulnerability.
Class: The class of vulnerability. Possible values are: Boundary Condition Error, Access Validation Error, Origin Validation Error, Input Validation Error, Failure to Handle Exceptional Conditions, Race Condition Error, Serialization Error, Atomicity Error, Environment Error, and Configuration Error.
Ease: Rates how easily the vulnerability can be exploited. Possible values are: No Exploit Available, Exploit Available, and No Exploit Required.
Impact: Rates the impact of the vulnerability. Its range is 1 through 10.
Severity: Rates the severity of the vulnerability. Its range is 1 through 10. It's computed from the impact rating and remote flag. Remote vulnerabilities with a high impact rating receive a high severity rating. Local vulnerabilities with a low impact rating receive a low severity rating.
Urgency: Rates how quickly you should take action to fix or mitigate the vulnerability. Its range is 1 through 10. It's computed from the severity rating, the ease rating, and the credibility rating. High severity vulnerabilities with a high ease rating, and a high confidence rating have a higher urgency rating. Low severity vulnerabilities with a low ease rating, and a low confidence rating have a lower urgency rating.
Last Change: The last change made to the vulnerability information.
Vulnerable Systems: The list of vulnerable systems. A '+' preceding a system name indicates that one of the system components is vulnerable. For example, Windows 98 ships with Internet Explorer. So if a vulnerability is found in IE you may see something like: Microsoft Internet Explorer + Microsoft Windows 98
Non-Vulnerable Systems: The list of non-vulnerable systems.
Summary: A concise summary of the vulnerability.
Impact: The impact of the vulnerability.
Technical Description: The in-depth description of the vulnerability.
Attack Scenarios: Ways an attacker may make use of the vulnerability.
Exploits: Exploit instructions or programs.
Mitigating Strategies: Ways to mitigate the vulnerability.
Solutions: Solutions to the vulnerability.
Credit: Information about who disclosed the vulnerability.
References: Sources of information on the vulnerability.
Related Resources: Resources that might be of additional value.
ChangeLog: History of changes to the vulnerability record.
---------------------------------------------------------------------------
Copyright 2001 .

Aug 21, 2001 | LinuxSecurity.com Team | Server Security
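The signed-comparison flaw from the Sendmail alert's Technical Description, shown beside a hardened check. This is an added C example, not sendmail's code and not part of the original alert; the vector size, the function names and the wrapping digit parser are assumptions made for illustration, and the flawed path only reports whether the check passes without performing any write.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define TRACE_VEC_SIZE 100  /* assumed size; not taken from sendmail */

static unsigned char trace_vec[TRACE_VEC_SIZE];  /* stand-in for the trace vector */

/* Models a digit loop that accumulates into a 32-bit signed int. The sum is
 * kept unsigned and reinterpreted at the end so the wrap is well defined. */
static int32_t parse_category_wrapping(const char *s)
{
    uint32_t u = 0;
    while (isdigit((unsigned char)*s))
        u = u * 10u + (uint32_t)(*s++ - '0');
    return u <= INT32_MAX ? (int32_t)u : (int32_t)((int64_t)u - 4294967296LL);
}

/* Flawed check: only the upper bound is tested, with a signed comparison,
 * so every negative index is accepted. Returns 1 if a write would proceed. */
static int flawed_check_accepts(int32_t idx)
{
    return idx < TRACE_VEC_SIZE;
}

/* Hardened setter: digits only, no overflow, full-string parse, and an
 * unsigned range check before the write. Returns 0 on success, -1 on reject. */
static int set_trace_flag_hardened(const char *s, unsigned char level)
{
    char *end;
    unsigned long v;

    if (!isdigit((unsigned char)s[0]))   /* rejects "-1", "+5", "" */
        return -1;
    errno = 0;
    v = strtoul(s, &end, 10);
    if (errno == ERANGE || *end != '\0' || v >= TRACE_VEC_SIZE)
        return -1;
    trace_vec[v] = level;
    return 0;
}

int main(void)
{
    /* Constructed inputs: one valid category, two that wrap negative. */
    const char *samples[] = { "42", "4294967295", "4294967196" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int32_t idx = parse_category_wrapping(samples[i]);
        printf("%-11s -> index %d, flawed check %s, hardened %s\n",
               samples[i], (int)idx,
               flawed_check_accepts(idx) ? "accepts" : "rejects",
               set_trace_flag_hardened(samples[i], 1) == 0 ? "accepts" : "rejects");
    }
    return 0;
}
```

The two large inputs wrap to negative indexes that the signed upper-bound check lets through, while the hardened setter rejects them before touching the vector.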

OpenBSD Local Root Exploit Discussion Following Bugtraq Announcement

Last week several vulnerabilities with OpenBSD were announced on the full disclosure list Bugtraq. That a hole was found and exploited is not an amazing thing. The amazing and impressive thing is how long OpenBSD had gone without a local root exploit.

There was a reaction to the announcements by the OpenBSD developer team about the exploits that surprised me. The reaction was to imply that the developers had been hiding the truth about the exploits so as to not tarnish the reputation of OpenBSD.

Just in case you think that I am a militant OpenBSD user defending the true faith, let me explain that I am a Linux user. I have played with OpenBSD and will most likely play with it again. I am not however, what you could call a member of the OpenBSD community. As I said I am a Linux user. I have been impressed with the work the OpenBSD team has done in proactively finding bugs and the results they have gotten from this approach. I think that there is room in the world for Linux, *BSD, and even the commercial Unix variants. It is my belief there are advantages to having choices and using different approaches to solve common problems.

The link for this article located at RootPrompt.org is no longer available.

Oct 09, 2000 | Anthony Pell | Network Security