Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.
Today’s newsletter highlights our two most recent feature articles: How To Encrypt Files on Linux and LinuxSecurity User Survey Results: How Do You Compare?. We also examine various topics including three fifteen-year-old vulnerabilities in the iSCSI kernel subsystem which could lead to local privilege escalation, information leakage and Denial of Service (DoS) conditions, and how Endlessh can help secure SSH servers. Happy Monday - and happy reading!
Researchers have discovered three vulnerabilities capable of granting attackers root privileges on Linux systems if they are able to gain access through other methods. These bugs, which affect the iSCSI kernel subsystem, have existed for more than 15 years.
Canonical has released another Linux kernel security update for Ubuntu to address six vulnerabilities affecting the Linux 5.8 and 5.4 kernels of several Ubuntu releases. Update ASAP to prevent DoS, information leakage and other security threats.
Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. Learn about Endlessh and how it helps secure SSH servers.
Learn how Kubernetes can be configured and used to satisfy the seven principles for a successful DevSecOps approach using Kubernetes identified in the Department of Defense Enterprise DevSecOps Reference Design .
Linus Torvalds and Greg Kroah-Hartman have shared their thoughts with ZDNet's Steven J. Vaughan-Nichols about the possibility of new Linux kernel code being written in Rust "a high performance but memory-safe language sponsored by the Mozilla project.
Im writing this post because I often hear that kernel exploitation is intimidating or difficult to learn. As a result, Ive decided to start a series of basic bugs and exercises to get you started! Prerequisites Knowledge of the Linux command line Knowing how to read and write basic C may be beneficial Being able to debug with the help of a virtual computer or another system Able to install the kernel module compilation build requirements A basic understanding of the difference between userland and kernelland could be helpful Having a basic understanding of assembly can be beneficial for future episodes For this part, I wrote a simple Linux character device , /dev/shell . This driver will take two arguments, uid and cmd , and it will execute the cmd command as the specified uid . To understand how this driver works, Ill explain a few things!
Cybersecurity researchers have identified two new vulnerabilities in Linux-based OSes that, if successfully exploited, could enable attackers to bypass mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory.