Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and newsgroup client. The identified vulnerabilities could result in denial of service attacks, unauthorized acce...
A critical security vulnerability has been found in the popular Joomla open-source content management system that has left millions of websites open to the risk of remote code execution (RCE) due to multiple cross-site scripting (XSS) bugs. The vulnerability is linked to a fundamental flaw in Joomla's core filter component and is tracked as CVE-2024-21726.
A critical vulnerability in the Shim program, which is used in Linux distributions that support secure boot. The bug, CVE-2023-40547, allows an attacker to execute remote code, potentially resulting in complete system compromise.
Multiple security vulnerabilities have recently been discovered in the XOrg Server prior to 21.1.11, and Xwayland display implementations prior to 23.2.4. These vulnerabilities could potentially result in heap overflows, out-of-bounds writes, and local privilege escalation, potentially enabling attackers to view additional infrastructure to attack, add or delete users, or modify permissions of files or other users.
Imagine your most sensitive and critical information being made accessible to threat actors without your permission or knowledge. This is exactly what a new information disclosure flaw discovered in the Linux kernel up to 5.17 could result in. As a Linux admin, staying up-to-date on vulnerabilities like this one is crucial to keeping your critical systems and confidential data secure. To help you understand and protect against this kernel bug, we'll explore its implications for security practitioners and the long-term consequences it may bring. We'll also explain how to secure your systems against this dangerous kernel flaw.
Four significant vulnerabilities have been discovered in the GNU C Library (glibc), a fundamental component of most Linux distributions. These vulnerabilities pose a significant risk to millions of Linux systems, as they can allow attackers to gain full root access and execute remote code on affected systems.
Vulnerabilities in the Linux kernel are an unfortunate reality of open-source software, as no code is ever perfect. While the open-source community overall does an excellent job finding and patching bugs, zero days will occasionally slip through. Recently, security researchers discovered yet another local privilege escalation vulnerability that impacts all versions of the Linux kernel.
Vulnerabilities have been discovered in Bluetooth technology that affect various operating systems. As Linux admins, infosec professionals, Internet security enthusiasts, and sysadmins, it is crucial to understand the implications of these vulnerabilities and the impact they may have on our work. Let's have a closer look at these flaws, how they work, their impact on Linux users, and how to mitigate your risk.
In the wake of the infamous “Terrapin vulnerability,” which allows a man-in-the-middle (MITM) attacker to access impacted users’ sensitive information in transit, Debian and Ubuntu have released security updates addressing five OpenSSH flaws. Let's explore the intricacies of these vulnerabilities, how they work, and recommended measures to fortify your OpenSSH environment.
Researchers recently uncovered a sophisticated attack dubbed Terrapin that takes advantage of a weakness in the SSH protocol to gain access to servers. The attack targets a specific implementation issue in OpenSSH 7.2 through 8.8 that allows remote code execution. By sending carefully crafted data, attackers can overflow the stack buffer and execute commands, leading to complete server compromise.
Ansible is a widely used open-source configuration management and automation tool popular among Linux system administrators. A vulnerability recently disclosed in Ansible could allow attackers to access sensitive information on servers Ansible manages. This is a serious issue that Linux admins and IT teams need to take action on.
It was discovered that the HAProxy load balancing reverse proxy incorrectly handled URI components containing the hash character (CVE-2023-45539). This vulnerability is very straightforward for a remote attacker to exploit and severely threatens impacted users’ sensitive information, making it among the worst bugs we’ve seen in a while!
A severe use-after-free vulnerability has been found in Chromium (CVE-2023-5472), which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability, which Chromium has rated as “high-severity”, is related to a bug in the webRTC (Real-time Communication) functionality.
A newly discovered vulnerability in Bluetooth affects Android, Apple, and Linux devices and could be used to inject keystrokes into devices using a man-in-the-middle attack.
LockBit ransomware is exploiting a critical Citrix bleed vulnerability to break into enterprise networks. The malware spreads via infected USB sticks and allows hackers to steal data and install more malware.
Several vulnerabilities have been found in the widely used Xorg X server, the most severe being an out-of-bounds write flaw due to an incorrect calculation of a buffer offset (CVE-2023-5367). Due to how easy this vulnerability is to exploit and its significant threat to the confidentiality, integrity, and availability of impacted systems, this bug has received a National Vulnerability Database base score of 7.8 out of 10 (“High” severity).
The Curl application is a tool many software programs use to transmit various types of data to and from servers. It's essentially a workhorse allowing the other programs on your computer to communicate with the internet in a standard and efficient manner.
Uncontrolled Recursion has been discovered in pdfinfo and pdftops in version 0.89.0 of the Poppler PDF rendering library (CVE-2020-23804). This severe stack overflow vulnerability, which has received a National Vulnerability Database base score of 7.5 out of 10, significantly threatens the availability of impacted systems.
A severe, remotely exploitable Type Confusion vulnerability has been found in Chromium (CVE-2023-5346). Due to its significant threat to the confidentiality, integrity, and availability of impacted systems, this bug has received a National Vulnerability Database base score of 8.8 out of 10 (“High” severity).
A notorious buffer overflow vulnerability dubbed “Looney Tunables” was recently found in the GNU C Library. This severe bug exists in the glibc dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable (CVE-2023-4911). This vulnerability was introduced in April 2021 and poses a significant threat to systems with default installations of Fedora 37 and 38, Ubuntu 22.04 and 23.04, and Debian 12 and 13.