Linux News Articles

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation

2 days ago

CISA warns of attackers exploiting Linux flaw with PoC exploit

CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges.

2 days ago

CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks

CISA has added a critical Linux kernel vulnerability to its KEV catalog, is being actively exploited in real-world attacks. 

2 days ago

CISA Alerts to Active Exploits of Linux Kernel Ownership Flaw

CISA issued an urgent alert regarding active exploitation of a critical Linux kernel vulnerability, tracked as CVE-2023-0386.

2 days ago

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

CISA warns CVE-2023-0386 is being actively exploited, impacting Linux systems via OverlayFS. Patching is urgent.

2 days ago

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation

Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog.

3 days ago

How OpenAI’s o3 model uncovered a zero-day vulnerability in the Linux kernel

Technology expert Sean Heelan explained how he discovered a zero-day vulnerability in Linux using OpenAI's AI model ' o3 ', which dramatically improves its ability to reason about code. How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel's SMB im...

1 week ago

Re: [PATCH openEuler-1.0-LTS 0/2] CVE-2025-37752 - Kernel - mailweb.openeuler.org

patchwork bot 21 May 2025 21 May '25 5:51...

1 week ago

It’s A Trap! – PSW #876

In the security news: Vicious Trap – The malware hiding in your router Hacking your car WSL is open-source, but why? Using AI to find vulnerabilities – a case study Why you should not build your own password manager The inside scoop behind Lumma Infostealer Hacking a smart grill Hardcoded credentia...

2 weeks ago

CVE Trends Dashboard

We're in the process of developing the mobile version of our website to improve your browsing experience on smaller screens. Keep an eye out for its release in the near future.Thank you for your patience!

2 weeks ago

Linux Zero-Day Vulnerability Discovered Using Frontier AI

Large language models have taken a big step forward in their ability to help chase down code flaws, said vulnerability researcher who successfully trained OpenAI's

3 weeks ago

OpenAI’s o3 AI Found a Zero-Day Vulnerability in the Linux Kernel, Official Patch Released

A security researcher has discovered a security flaw in the Linux kernel using the OpenAI o3 reasoning model. An official patch has been released.

4 weeks ago

OpenAI’s o3 AI Found a Zero-Day Vulnerability in the Linux Kernel, Official Patch Released

A security researcher has discovered a security flaw in the Linux kernel using the OpenAI o3 reasoning model. An official patch has been released.

4 weeks ago

Critical Vulnerability in Linux Kernel: INFTL Read OOB Error Handling

Learn about CVE-2025-37892, a critical vulnerability in the Linux kernel affecting Debian systems. Discover how to fix it and check your application with Vulert.

1 month ago

OpenAI's o3 model helps identify significant Linux security threat

A critical zero-day vulnerability, CVE-2025-37899, has been identified within the Linux kernel, affecting its ksmbd component.

1 month ago

AI Finds CVE-2025-37899 Zero-Day In Linux SMB Kernel

OpenAI’s o3 model uncovers CVE-2025-37899, a zero-day use-after-free vulnerability in the Linux kernel’s SMB implementation.

1 month ago

AI Finds CVE-2025-37899 Zero-Day In Linux SMB Kernel

OpenAI’s o3 model uncovers CVE-2025-37899, a zero-day use-after-free vulnerability in the Linux kernel’s SMB implementation.

1 month ago

Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT

A zero-day vulnerability in the Linux kernel was discovered, utilizing OpenAI's o3 model. This finding, designated as CVE-2025-37899, marks a significant advancement in AI-assisted vulnerability research.

1 month ago

Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT

A zero-day vulnerability in the Linux kernel was discovered, utilizing OpenAI's o3 model. This finding, designated as CVE-2025-37899, marks a significant advancement in AI-assisted vulnerability research.

1 month ago

USN-6651-3: Linux kernel (StarFive) vulnerabilities | Ubuntu security notices | Ubuntu

Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.

1 month ago

CVE-2025-37752 Impact, Exploitability, and Mitigation Steps | Wiz

Understand the critical aspects of CVE-2025-37752 with a detailed vulnerability assessment, exploitation potential, affected technologies, and remediation guidance.

CVE-2024-26809: Linux Nftables Double-Free Vulnerability

CVE-2024-26809 is a critical Linux nftables flaw allowing privilege escalation via a double-free bug. Patch your systems to prevent potential exploitation.

PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability

A critical Proof-of-Concept (PoC) exploit has been released for a significant vulnerability in the Linux kernel’s nftables subsystem.

PoC Code Published for Linux nftables Security Vulnerability

Security researchers have published proof-of-concept (PoC) exploit code for CVE-2024-26809, a high-severity double-free vulnerability in Linux’s nftables firewall subsystem.

Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation Attacks

A significant vulnerability in the Linux kernel's Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root level. 

Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation - IT Security News

IT Security News - Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation -

Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation

A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2025-21756 and dubbed “Attack of the Vsock,”.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104(link is external) Linux Kernel Out-of-Bounds Write...

Linux Kernel Vulnerability Let Attackers Escalate Privilege - PoC Released 

A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw.

PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation

A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel's ipset component.

CISA Alerts on Actively Exploited Linux Kernel Out-of-Bounds & Read Flaw

The Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel.

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

CISA adds vulnerabilities CVE-2024-53197, CVE-2024-53150 to catalog

CISA adds CVE-2024-53197 and CVE-2024-53150 to the Known Exploited Vulnerabilities Catalog, urging remediation to protect networks.

Google Releases April Android Update to Address Two Zero-Days

Google’s latest Android update fixes 62 flaws, including two zero-days previously used in limited targeted attacks

2 Android Zero-Day Bugs Under Active Exploit

Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist's device in an attempt to install spyware.

Google releases new Android update to fix two exploited vulnerabilities

Updating now prevents hackers from exploiting these two confirmed Android security flaws

Google fixes two actively exploited zero-day vulnerabilities in Android

Google has issued patches for 62 vulnerabilities in Android, including two actively exploited zero-days.

Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities

Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.

Android Update Patches Two Exploited Vulnerabilities

Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs.

Google addresses 2 actively exploited vulnerabilities in security update

Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International.

Эксплойт для дыры в ядре Linux угрожает пользователям Ubuntu 22.04

Специалисты рассказали о серьёзной уязвимости в ядре Linux, затрагивающей пользователей Ubuntu 22.04. Брешь получила идентификатор CVE-2025-0927 и затрагивает имплементацию файловой системы HFS+.Баг может позволить злоумышленнику повысить локальные

Linux Kernel Vulnerability Allows Attackers to Escalate Privileges via Out-of-Bounds Write

A recently discovered vulnerability in the Linux kernel, identified as CVE-2025-0927, poses a significant threat to system security.

PoC Exploit Released for Use-after-free Linux Kernel Vulnerability

Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability.

PoC Exploit Released for Linux Kernel Use-After-Free Vulnerability

A proof-of-concept (PoC) exploit has been released for a use-after-free vulnerability in the Linux kernel, identified as CVE-2024-36904.

PoC Exploit Released for Actively Exploited Linux Kernel Out-Of-Bounds Write Vulnerability

A proof-of-concept (PoC) exploit has been released for a high-severity out-of-bounds write vulnerability in the Linux kernel, identified as CVE-2024-53104. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation.

Google rolls out update with security patch to fix zero-day vulnerabilities in Android phones

It has come to light that some state-sponsored espionage team using Cellebrite’s mobile forensic tools may have exploited the CVE-2024-50302 vulnerability to hack the Android phones of student activists of Serbia.

Google fixed two actively exploited Android flaws

Android ’s March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild.

Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Google’s March 2025 Android Security Bulletin fixes 44 vulnerabilities, including two actively exploited flaws.