Linux News Articles

Google rolls out update with security patch to fix zero-day vulnerabilities in Android phones

It has come to light that some state-sponsored espionage team using Cellebrite’s mobile forensic tools may have exploited the CVE-2024-50302 vulnerability to hack the Android phones of student activists of Serbia.

5 days ago

Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Google’s March 2025 Android Security Bulletin fixes 44 vulnerabilities, including two actively exploited flaws.

6 days ago

Linux kernel flaw added to CISA's exploited vulnerabilities list

Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.

1 week ago

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone

Cellebrite's zero-day exploit bypassed an Android lock screen to access a Serbian activist’s phone. Amnesty links attack to Linux kernel flaws.

1 week ago

Samsung Update Surprises Galaxy S25 Buyers—You Will Miss Deadline

Samsung’s new flagship comes with a nasty surprise—here’s what to know.

4 weeks ago

Seven Years Old Linux Kernel Vulnerability Let Attackers Execute Remote Code

Researchers have uncovered a critical flaw in the Linux kernel that could allow attackers to execute remote code. 

1 month ago

Google Pixel Deadline—21 Days To Update Or Stop Using Your Phone

Government update warning comes as attacks are confirmed underway.

Linux kernel flaw added to CISA's exploited vulnerabilities list

Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.

Critical Linux 0-Day Attack Warning: U.S. Government Says Act Now

As critical Linux attacks are confirmed, the Department of Homeland Security warns users to update now.

CISA Adds Actively Exploited Linux Kernel Vulnerability to Known Exploited Vuln Catalog

cisa has added a critical Linux kernel vulnerability, CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) Catalog.

CISA orders agencies to patch Linux kernel bug exploited in attacks

​CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks.

Android security update includes patch for actively exploited vulnerability 

Google has addressed a total of 47 security vulnerabilities in its February update for the Android operating system.

Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access

On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices.

Google warns Android users of a kernel flaw under attack

Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits. The flaw, CVE-2024-53104, is an...

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104

Google’s February 2025 update patches 47 Android flaws, including CVE-2024-53104, exploited in the wild, and CVE-2024-45569 in Qualcomm WLAN.

Google fixed actively exploited kernel zero-day flaw

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild.

Vulnerability Patched in Android Possibly Exploited by Forensic Tools

The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.

Multiple Linux Kernel Vulnerabilities In Defer Partition Scanning Patched

The Linux kernel development team has recently addressed two significant vulnerabilities affecting various versions of the Linux operating system.

Google patches 46 Android bugs, including exploited kernel flaw

CVE-2024-36971 could enable remote code execution due to a use-after-free error.

CVE-2024-47666 : LINUX KERNEL UP TO 6.6.50/6.10.9 PM80XX PM8001_PHY_CONTROL STACK-BASED OVERFLOW - Cloud WAF

CVE-2024-47666 : In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns...

PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access

poc releaed for a critical security vulnerability, identified as CVE-2024-26581, has been discovered in the Linux kernel, posing significant risks to systems worldwide

CVE-2023-0386 | Vulnerabilities

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file

CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability | TechnologyConnect

This blog covers various tips and tools for programming, focusing on enhancing coding efficiency and productivity. It explores popular programming languages, development environments, and vital practices to improve code quality.

Google scopre una grave vulnerabilità nel kernel Linux: il ruolo di eBPF

Google scopre una grave vulnerabilità nel kernel Linux e spiega che tutto scaturisce dall'integrazione del prezioso eBPF.

KOMIX - Sportovci

Black Hat USA 2024, DEF CON 32, Pwnie Awards 2024 dnes 05:00 | IT novinkyVčera v Las Vegas skončila bezpečnostní konference Black Hat USA 2024 (𝕏) a začala bezpečnostní konference DEF CON 32...

Google Rolls Out Patch For Android Kernel Vulnerability

Google announced the company's August 2024 security patches for Android, including a high-severity zero-day vulnerability exploited in targeted attacks..

Google says Android zero-day was exploited in the wild

Google published information about an Android zero-day vulnerability tracked as CVE-2024-36971, which affects the Linux kernel.

Google patches 46 Android bugs, including exploited kernel flaw

CVE-2024-36971 could enable remote code execution due to a use-after-free error.

Google fixes Android kernel RCE bug under active exploit

Google released 46 fixes for Android in its August security patch batch, including one for a Linux kernel flaw in the mobile OS that can lead to remote code execution (RCE). From the sounds of things, this...

Google warns of an actively exploited Android kernel flaw

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel.

Ваш Android под ударом: CVE-2024-36971 активно используется злоумышленниками

Августовский патч безопасности призван защитить все уязвимые устройства.

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google patches CVE-2024-36971, a high-severity Android kernel flaw exploited in targeted attacks. Learn about the August security updates.

Google Patches Android Zero-Day Exploited in Targeted Attacks

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks. 

Google fixes Android kernel zero-day exploited in targeted attacks

Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.

CVE-2024-36886 – Linux Kernel Zero-Day Vulnerability - Rewterz

Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free when processing fragmented TIPC messages.

Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability [CVE-2024-36886]

CVE number = CVE-2024-36886 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but...

Ksplice Known Exploit Detection for io_uring, glibc, overlayfs and netfilter

Latest edition in this blog series describing recent Ksplice Known Exploit Detection implementations.

Conquering the memory through io_uring - Analysis of CVE-2023-2598

A very powerful bug in the `io_uring ` driver of the linux kernel. In this case, the vulnerability is in the handling of registering fixed buffers via the `IORING_REGISTER_BUFFERS` opcode, which allows an application to 'pin' and register memory for long-term use, which includes making it exempt fro...

Active Exploitation Observed for Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)

Last week, CISA added CVE-2024-1086 to its Known Exploited Vulnerability Catalog. In this blog, we share the details of this vulnerability and how Crowdstrike’s customers are protected from exploitation.

CISA adds Linux kernel flaw to KEV list

The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities catalog to include a use-after-free security issue impacting Linux kernel versions from 5.14 to 6.6, tracked as CVE-2024-1086, which could be leveraged to enable arbitrary code execution and privileg...

CISA warns of actively exploited Linux privilege elevation flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added two vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, including a Linux kernel privilege elevation flaw.

Federal agency warns critical Linux vulnerability being actively exploited

Cybersecurity and Infrastructure Security Agency urges affected users to update ASAP.

CISA Alert on Linux Kernel Flaw - Spiceworks

CISA has added a new security flaw affecting the Linux kernel to its Known Exploited Vulnerabilities (KEV) catalog. Find out more.

CISA Warns of Exploited Linux Kernel Vulnerability

CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

CVE-2024-1086, a high-severity flaw in the Linux kernel, is actively exploited, allowing attackers to gain root access.

IT-Sicherheit: Linux gefährdet - Neue Sicherheitslücke bei Linux Kernel

Für Linux Kernel gibt es eine aktuelle Sicherheitswarnung. Wodurch die IT-Sicherheit bei Systemen von Linux bedroht wird, wie hoch das Risiko ist und wie sich betroffene Nutzer verhalten sollten, lesen Sie hier.

Crypto, Bluetooth Vulns, Unsafe Locks – PSW #822

The PSW crew discusses some crypto topics, such as post-quantum and GoFetch, new Flipper Zero projects, RFID hacking and hotel locks, BlueDucky, side channel attacks and more!

BLOG: Patching The Reserved - Highly Exploitable Kernel Bugs in Purgatory - Orpheus Cyber

Written by Femke Bolle & Alex Ashby The CVE release and NVD CVSS severity scoring processes have well-established latency issues, with CVEs sometimes taking months to be published and scored. This presents a significant threat to any vulnerability management strategy reliant on the NVD and MITRE.  T...