Linux News Articles

Recent news articles referencing the vendor's vulnerabilities.

SC Media

Google patches 46 Android bugs, including exploited kernel flaw

CVE-2024-36971 could enable remote code execution due to a use-after-free error.

1 month ago

prophaze.com

CVE-2024-47666 : LINUX KERNEL UP TO 6.6.50/6.10.9 PM80XX PM8001_PHY_CONTROL STACK-BASED OVERFLOW - Cloud WAF

CVE-2024-47666 : In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns...

1 month ago

CybersecurityNews

PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access

A PoC has been released for a critical security vulnerability, identified as CVE-2024-26581, that has been discovered in the Linux kernel, posing significant risks to systems worldwide

3 months ago

yitian.ir

CVE-2023-0386 | Vulnerabilities

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file

3 months ago

www.technologyconnect.org

CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability | TechnologyConnect

This blog covers various tips and tools for programming, focusing on enhancing coding efficiency and productivity. It explores popular programming languages, development environments, and vital practices to improve code quality.

3 months ago

IlSoftware.it

Google discovers a serious vulnerability in the Linux kernel: the role of eBPF

Google discovers a serious vulnerability in the Linux kernel and explains that it all stems from the integration of the valuable eBPF.

3 months ago

AbcLinuxu

Comic - Athletes

Black Hat USA 2024, DEF CON 32, Pwnie Awards 2024 today 05:00 | IT news. Yesterday in Las Vegas the Black Hat USA 2024 security conference (𝕏) ended and the DEF CON 32 security conference began...

3 months ago

RTTNews

Google Rolls Out Patch For Android Kernel Vulnerability

Google announced the company's August 2024 security patches for Android, including a high-severity zero-day vulnerability exploited in targeted attacks.

3 months ago

The Record from Recorded Future News

Google says Android zero-day was exploited in the wild

Google published information about an Android zero-day vulnerability tracked as CVE-2024-36971, which affects the Linux kernel.

3 months ago

SC Media

Google patches 46 Android bugs, including exploited kernel flaw

CVE-2024-36971 could enable remote code execution due to a use-after-free error.

3 months ago

The Register

Google fixes Android kernel RCE bug under active exploit

Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution (RCE). From the sounds of things, this...

4 months ago

Security Affairs

Google warns of an actively exploited Android kernel flaw

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel.

4 months ago

SecurityLab.ru

Your Android is under attack: CVE-2024-36971 is being actively exploited by attackers

The August security patch is intended to protect all vulnerable devices.

4 months ago

The Hacker News

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google patches CVE-2024-36971, a high-severity Android kernel flaw exploited in targeted attacks. Learn about the August security updates.

4 months ago

SecurityWeek

Google Patches Android Zero-Day Exploited in Targeted Attacks

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks. 

4 months ago

BleepingComputer

Google fixes Android kernel zero-day exploited in targeted attacks

Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.

4 months ago

Rewterz

CVE-2024-36886 – Linux Kernel Zero-Day Vulnerability - Rewterz

Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when processing fragmented TIPC messages.

5 months ago

SystemTek

Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability [CVE-2024-36886]

CVE number = CVE-2024-36886 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but...

5 months ago

Oracle Blogs

Ksplice Known Exploit Detection for io_uring, glibc, overlayfs and netfilter

Latest edition in this blog series describing recent Ksplice Known Exploit Detection implementations.

5 months ago

dayzerosec

Conquering the memory through io_uring - Analysis of CVE-2023-2598

A very powerful bug in the `io_uring` driver of the Linux kernel. In this case, the vulnerability is in the handling of registering fixed buffers via the `IORING_REGISTER_BUFFERS` opcode, which allows an application to 'pin' and register memory for long-term use, which includes making it exempt fro...

5 months ago

CrowdStrike

Active Exploitation Observed for Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)

Last week, CISA added CVE-2024-1086 to its Known Exploited Vulnerability Catalog. In this blog, we share the details of this vulnerability and how CrowdStrike’s customers are protected from exploitation.

6 months ago

SC Media

CISA adds Linux kernel flaw to KEV list

The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include a use-after-free security issue impacting Linux kernel versions from 5.14 to 6.6, tracked as CVE-2024-1086, which could be leveraged to enable arbitrary code execution and privileg...

6 months ago

BleepingComputer

CISA warns of actively exploited Linux privilege elevation flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Linux kernel privilege elevation flaw.

6 months ago

Ars Technica

Federal agency warns critical Linux vulnerability being actively exploited

Cybersecurity and Infrastructure Security Agency urges affected users to update ASAP.

6 months ago

Spiceworks

CISA Alert on Linux Kernel Flaw - Spiceworks

CISA has added a new security flaw affecting the Linux kernel to its Known Exploited Vulnerabilities (KEV) catalog. Find out more.

6 months ago

SecurityWeek

CISA Warns of Exploited Linux Kernel Vulnerability

CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.

6 months ago

The Hacker News

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

CVE-2024-1086, a high-severity flaw in the Linux kernel, is actively exploited, allowing attackers to gain root access.

6 months ago

News.de

IT security: Linux at risk - New security vulnerability in Linux Kernel

There is a current security warning for the Linux kernel. Read here what threatens IT security on Linux systems, how high the risk is, and what affected users should do.

6 months ago

SC Media

Crypto, Bluetooth Vulns, Unsafe Locks – PSW #822

The PSW crew discusses some crypto topics, such as post-quantum and GoFetch, new Flipper Zero projects, RFID hacking and hotel locks, BlueDucky, side channel attacks and more!

6 months ago

Orpheus Cyber

BLOG: Patching The Reserved - Highly Exploitable Kernel Bugs in Purgatory - Orpheus Cyber

Written by Femke Bolle & Alex Ashby The CVE release and NVD CVSS severity scoring processes have well-established latency issues, with CVEs sometimes taking months to be published and scored. This presents a significant threat to any vulnerability management strategy reliant on the NVD and MITRE.  T...

6 months ago

ethicalhacking.uk

Ethical Hacking - CVE-2023-0179: A Buffer Overflow Vulnerability in the Linux Kernel

A buffer overflow vulnerability was recently discovered in the Netfilter subsystem of the Linux kernel. This vulnerability, tracked as CVE-2023-0179, could allow a local attacker to gain root privileges on the affected system.

6 months ago

NopSec

Top Trending CVEs of January 2023 | NopSec

Roll up your sleeves and drop to a command line as we cover some of January’s trendiest vulnerabilities. Read more to help your organization stay secure.

6 months ago

Medium

CVE-2023-0179: New linux kernel exploit

Have you heard about CVE-2023-0179, the Linux kernel exploit that has been assigned the tracking number CVE-2023-0179? It's a stack-based buffer overflow that exists in the Netfilter framework…

6 months ago

betrusted.it

64 bytes and a ROP chain - A journey through nftables - Part 1

Dive into the process of Linux kernel exploitation: focus on CVE-2023-0179 and Local Privilege Escalation (LPE).

6 months ago

CybersecurityNews

Balaji N

Balaji is an Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security Head of Security - Ethical Hackers Academy Inc

7 months ago

CybersecurityNews

Vulnerability Archives

Postman API Testing Platform Flaw Exposes Sensitive Credentials Truffle Security Co. has recently discovered a major vulnerability in Postman, the widely used API testing platform. This flaw...

7 months ago

CybersecurityNews

Linux Kernel Vulnerability (CVE-2024-26925) Let Hackers Access Unauthorized Data

In a significant update from the Linux kernel's security team, a critical vulnerability identified as CVE-2024-26925 has been addressed.

7 months ago

prophaze.com

CVE-2024-26817 : LINUX KERNEL UP TO 6.8.5 AMDKFD KZALLOC INTEGER OVERFLOW - Cloud WAF

CVE-2024-26817 : In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow.

7 months ago

Medium

CVE-2024-1086

CVE-2024-1086 is a use-after-free vulnerability found in the Linux kernel allowing attackers to exploit local systems for privilege escalation. This could lead to unauthorized access and data breaches

7 months ago

Binalyze

Proactively Detect Exploitation Attempts on Linux Systems: Unpacking CVE-2024-1086

CVE-2024-1086 is a critical vulnerability that affects Linux operating systems allowing local users to execute code with elevated privileges.

7 months ago

newstimecleo.biz.id

Patches for CVE-2024-1086 for CloudLinux 6h, 7 users on KernelCare Live

Update April 8, 2024: Updated ETA for CloudLinux 6h and CloudLinux 7. The KernelCare team is working to deploy a live patch for CVE-2024-1086 for Clou

7 months ago

DirectAdmin Forums

Kernel (CVE-2024-1086)

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation ref...

7 months ago

CloudLinux

CVE-2024-1086 Vulnerability - Mitigation for CloudLinux OS servers

A new vulnerability was discovered in the Netfilter subsystem in the Linux kernel identified as CVE-2024-1068. The CloudLinux team is actively working to address and mitigate the security issue within our software.

8 months ago

AlmaLinux OS

AlmaLinux OS - CVE-2024-1086 and XZ

An Open Source, community owned and governed, forever-free enterprise Linux distribution.

8 months ago

The Register

Easy privilege escalation exploit lands for Linux kernels

A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and...

8 months ago

daily.dev

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Alert | daily.dev

A privilege escalation vulnerability (CVE-2024-1086) has been detected in the Linux kernel, allowing local attackers to elevate privileges to root. Affected users should update their kernel version for protection.

8 months ago

Xe Iaso

"No way to prevent this" say users of only language where this regularly happens - Xe Iaso

Published on 03/26/2024, 215 words, 1 minutes to read A forlorn business man resting his head on a brown wall next to a window. - Photo by Andrea Piacquadio, source: Pexels In the...

8 months ago

Veeam Community Resource Hub

Linux Kernel Exploit - CVE-2024-1086 | Veeam Community Resource Hub

It appears there has been a noticed exploit vulnerability in Linux Kernels v5.14 up to v6.6. The exploit seems to be a “privilege escalation from unpriv...

8 months ago

devopsforum.uk

Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086) Alert

NSFOCUS CERT has detected that details and a proof-of-concept (PoC) tool for a Linux kernel privilege escalation vulnerability CVE-2024-1086, have been publicly disclosed recently. Due to a use-after-free vulnerability in the netfilter: nf_tables component of the Linux kernel, the nft_verdict_ini...

8 months ago