Happy Friday fellow Linux geeks! This week, important updates have been issued for the Linux Kernel, GNU C Library and WebKitGTK. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
Linux KernelThe DiscoveryMultiple security issues have been discovered in the Linux kernel, one of which has been deemed the most high-severity Linux security vulnerability in years. CVE-2022-0847, which has been named Dirty Pipe, is a bug in the kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is O_RDONLY, immutable or on a MS_RDONLY filesystem. |
GNU C LibraryThe DiscoverySeveral security issues were found in GNU C Library (CVE-2016-10228, CVE-2019-25013, CVE-2020-27618, CVE-2020-29562, CVE-2020-6096, CVE-2021-27645, CVE-2021-3326, CVE-2021-35942, CVE-2021-3998, CVE-2021-3999, CVE-2022-23218 and CVE-2022-23219). The ImpactExploitation of these vulnerabilities could result in denial of service (DoS), the execution of arbitrary code, or information leakage. The FixThese flaws in GNU C Library have now been fixed. Update promptly to protect sensitive information and the security, integrity and availability of your systems. Your Related Advisories:Register to Customize Your Advisories |
WebKitGTKThe DiscoverySeveral remotely-exploitable security issues were discovered in the WebKitGTK Web and JavaScript engines (CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592). The Impact
|
