Linux admins -

The initramfs is a temporary root filesystem that is loaded into memory before your system boots. If you're in a datacenter or others have physical access to your machine, you need to be aware that an attacker with access to the debug shell can modify the initramfs - injecting malicious code - and repack it without the victim noticing.

Read on to learn more about how this works and what you can do to protect your systems (even if no one else has physical access).

Yours in Open Source,

Dave Wreski

LinuxSecurity Founder

initramfs

The Discovery 

A flaw has been discovered in the initramfs temporary root filesystem that can let an attacker sidestep your full-disk encryption.

The Impact

With just a bit of physical access and a dash of clever manipulation, this bug can enable an attacker to inject malicious code.

The Fix

Patches have been released for this stealthy initramfs flaw. All impacted admins should update immediately to secure their systems against these dangerous attacks.


TinyProxy / Sing-box

The Discovery 

Attackers are abusing legitimate proxy tools like TinyProxy and Sing-box to hide malicious activities or carry out suspicious operations.

The Impact

These exploits could lead to compromise or ongoing attacks against your Linux systems.

The Fix

Important bug fixes have been released to mitigate these flaws. All impacted admins should update as soon as possible to secure their systems and prevent attacks.
