Happy Friday fellow Linux geeks! This week, important updates have been issued for the Linux kernel, Zstandard and QEMU. Read on to learn about these vulnerabilities and how to secure your system against them. 

 

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Interested in learning about how to manage encrypted Linux devices across the entire organization? Join Garry McCracken CISSP, VP of Technology & CISO, WinMagic and Dave Wreski, Linux security expert and CEO of Guardian Digital for a webinar on Enterprise Linux Encryption Management for Businesses Wednesday October 12th at 2 PM EST. Get Your Spot Now!

Yours in Open Source,

Brittany Signature 150

Linux Kernel

LinuxKernelThe Discovery 

Twenty important security vulnerabilities were discovered in the Linux kernel.

The Impact

These bugs could result in privilege escalation attacks, denial of service (DoS) attacks, information disclosure, and other dangerous threats.

The Fix

An update is available for the Linux kernel that fixes these issues and introduces three new features. We recommend that you update now to protect against attacks and compromise.

Your Related Advisories:

Register to Customize Your Advisories

Zstandard

ZstandardThe Discovery 

It was discovered that Zstandard incorrectly handled certain inputs (CVE-2019-11922).

The Impact

An attacker could possibly use this issue to execute arbitrary code.

The Fix

A Zstandard update mitigates this flaw. We recommend that you update as soon as possible to protect the security and integrity of your systems.

Your Related Advisories:

Register to Customize Your Advisories

QEMU

QemuThe Discovery

Multiple security issues were discovered in the QEMU fast processor emulator (CVE-2020-13253, CVE-2020-15469, CVE-2020-15859 and CVE-2020-25084).

The Impact

These vulnerabilities could result in denial of service (DoS) or the execution of arbitrary code.

The Fix

A security update for QEMU has been released that remedies these flaws. We recommend that you update promptly to protect against potential security threats and disruptive downtime.

Your Related Advisories:

Register to Customize Your Advisories