Google on Wednesday released version 90.0.4430.85 of the Chrome browser for Windows, Mac, and Linux. The release contains seven security fixes, including one for a zero-day vulnerability that was exploited in the wild. The zero-day, assigned the identifier CVE-2021-21224, was described as a "type confusion in V8". In an advisory penned by Chrome technical program manager Srinivas Sista, five vulnerabilities were detailed: CVE-2021-21222, a heap buffer overflow in V8; CVE-2021-21223, an integer overflow in Mojo; CVE-2021-21225, an out-of-bounds memory access in V8; CVE-2021-21226, a use-after-free in navigation; and CVE-2021-21224, a type confusion in V8.
Tags: Chrome Update, Security Patch, Zero-Day Vulnerability
Brittany Day
Are you aware that memory access protections baked into the ARMv8 64-bit specification are vulnerable to being bypassed? The Arm team has only recently mitigated the bug, which would allow an attacker to circumvent its "Privileged Access Never" (PAN) controls in the kernel. PAN, introduced in 2014, is meant to prevent privileged access to user data unless explicitly enabled, as a security mechanism against possible software attacks. A Linux kernel commit message on January 6 this year acknowledges the issue and puts in place a stop-gap measure. But one security researcher, "Siguza", says they originally found the flaw in October 2018 and that PAN "was never an issue to get around".
The link for this article located at Computer Business Review is no longer available.
Tags: Arm Chips, Vulnerable Memory Access, Kernel Circumvention, PAN Bypass
Brittany Day
Red Hat and CentOS have announced the availability of important kernel security updates for their Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series that address two security vulnerabilities and numerous other bugs. Marked by Red Hat Product Security as having a security impact of "Important," the new Linux kernel security update patches two vulnerabilities: CVE-2019-14821, an out-of-bounds memory access issue via the MMIO ring buffer discovered in the Linux kernel's KVM hypervisor, and CVE-2019-15239, a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially to privilege escalation. Additionally, the kernel update addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, a NULL pointer dereference at check_preempt_wakeup+0x109, a panic in pick_next_task_rt, a "Detected Tx Unit Hang" error with adapter reset, broken load balancing over a VF LAG configuration, security issues in the crypto vmx driver, XFS hangs on acquiring the xfs_buf semaphore, a single-CPU VM hanging during open_posix_testsuite, and many others.
The link for this article located at Softpedia News is no longer available.
Tags: Kernel Updates, Red Hat Security, CentOS Updates, Important Fixes
LinuxSecurity.com Team
Google has released version 10.0.648.204 of its Chrome web browser, a maintenance and security update to the Chrome 10 stable branch. The update addresses a total of six vulnerabilities in the WebKit-based browser that can be "exploited by malicious people to compromise a system" and rates all of them with a "High" priority. Secunia, for example, rates the vulnerabilities as highly critical. According to Google, one of the high-risk issues relates to a buffer error in base string handling, while two others are use-after-free bugs, where memory is deallocated but later accessed, in the frame loader and in HTMLCollection. The other issues range from a stale pointer in CSS handling and in SVG text handling to a DOM tree corruption bug. The update also includes several performance and stability fixes and adds support for the browser's password manager on Linux systems. As part of its Chromium Security Reward programme, Google rewarded those who reported security vulnerabilities with a total of $8,500, of which $7,000 went to developer Sergey Glazunov alone. Further details of the Chrome vulnerabilities are being withheld until "a majority of users are up-to-date with the fix".
The link for this article located at H Security is no longer available.
Tags: Chrome 10 Update, Google Browser Security, Memory Management Issue
LinuxSecurity.com Team
Crafted TLS packets can crash OpenSSL servers and clients. The problem is caused by an error in the ssl3_get_record() function, which processes SSL records, the units in which data is transferred between end points. According to an advisory from the OpenSSL development team, incorrectly formatted records can cause a memory access error. OpenSSL versions 0.9.8f to 0.9.8m are in theory affected; however, the bug depends on the C compiler used. Where 'short' is defined as a 16-bit integer (which is almost always the case), only 0.9.8m is affected. Updating to OpenSSL version 0.9.8n resolves the problem.
The link for this article located at H Security is no longer available.
Tags: OpenSSL Update, TLS Crash, Server Admin Guide, Memory Access Error
LinuxSecurity.com Team