Red Hat News Articles
Recent news articles referencing the vendor's vulnerabilities.
Former US Army Sergeant pleads guilty after amateurish attempt at selling secrets to China
Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China. Joseph Daniel Schmidt last Friday pled guilty after the Feds charged him with using his top secret...
1 week ago
Former US Army Sergeant admits he sold secrets to China
Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China. Joseph Daniel Schmidt last Friday pled guilty after the Feds charged him with using his top secret...
1 week ago

CVE-2025-6019: time to upgrade Linux
Vulnerability CVE-2025-6019 allows an attacker to gain root privileges in most Linux distributions.
2 weeks ago

New Linux bug CVE-2025-6019 a “critical and universal” risk
Newly found Linux vulnerability CVE-2025-6019 is a “critical and universal” risk in Ubuntu, Fedora, Debian, and openSUSE, says Qualys.
2 weeks ago
New Linux udisks flaw lets attackers get root on major Linux distros
Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions.
2 weeks ago
Five Critical Security Vulnerabilities Disclosed in Widely-Used libxml2 Library
The maintainers of libxml2, a fundamental XML parsing library used across countless software applications, have disclosed five serious security vulnerabilities that could enable denial-of-service attacks and...
2 weeks ago
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Linux vulnerabilities CVE-2025-5054 and CVE-2025-4598 let local attackers extract sensitive data via SUID core dumps.
WARNING: HIGH VULNERABILITY IN KEYCLOAK COULD LEAD TO PRIVILEGE ESCALATION AND IMPERSONATION. PATCH IMMEDIATELY!
CVE-2024-8698 is a privilege escalation and impersonation vulnerability located in the SAML signature validation method within the Keycloak XMLSignatureUtil
The Windows Security Updates of August 2024 are now available - BitLocker Recovery issue fixed - gHacks Tech News
Here is an overview of the August 2024 security updates that Microsoft released for its Windows operating systems.

PoC Exploit Published for Linux Kernel Privilege Escalation Flaw
A critical vulnerability has been discovered in the netfilter subsystem of the Linux kernel Privilege Escalation Flaw.
CVE-2023-6246 Archives
All posts tagged "CVE-2023-6246" Security Architecture GNU C Library Vulnerability Leads to Full Root Access Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library...
glibc - CVE CyberSecurity Database News
CVE CyberSecurity Database News - Latest cybersecurity news and CVE details Sign...

Tag: CVE-2023-6246 | Qualys Security Blog
Join the discussion today! Learn more about Qualys and industry best practices. Share what you know and build a reputation. Secure your systems and improve...

Debian: DSA-5611-1: glibc security update | LinuxSecurity.com
Debian Security Advisory DSA-5611-1 https://www.debian.org/security/ Salvatore Bonaccorso January 30,

Glibc library vulnerability published
CVE-2023-6246 found in glibc (GNU C Library) affects Debian, Ubuntu and Fedora, and likely other Linux distributions.

New Glibc Library Flaw Grants Root Access to Major Linux Distros - Cyber Kendra
New Glibc Library Flaw Grants Root Access to Major Linux Distros

CVE-2024-1753: Podman/Buildah Vulnerability Allow Container Escapes
A serious vulnerability (CVE-2024-1753) has been discovered in the popular containerization tools Podman and Buildah

Critical Shim Vulnerability Affecting Linux Secure Boot: An In-depth Look
A serious vulnerability, CVE-2023-40547, discovered in Shim could lead to remote code execution. The bug affects Linux distributions supporting secure boot.

The Real Shim Shady - How CVE-2023-40547 Impacts Most Linux Systems - Eclypsium | Supply Chain Security for the Modern Enterprise
Six new vulnerabilities have been identified in the shim bootloader used to support Secure Boot in most Linux distributions. One vulnerability in particular, CVE-2023-40547, can be exploited to control the boot sequence and circumvent operating system controls.

Linux Systems Exposed: Critical RCE Vulnerability in Shim Bootloader Demands Urgent Patching
A severe RCE vulnerability in the shim bootloader threatens Linux systems using Secure Boot. Update to shim 15.8 and follow these steps to mitigate the risk.

EP1652: Chill Chill Security - CVE-2023-40547 by Chill Chill Security
Sponsored by SEC Playground
Linux Devs Rush to Patch Critical Vulnerability in Shim
The flaw allows the installation of malware that operates at the firmware level
RedHat patches critical flaw in Linux shim bootloader
Security pros say teams need to patch right away because attackers can leverage the bug to gain control of the entire boot process.

How to fix CVE-2023-40547 in Linux
CVE-2023-40547 is a critical vulnerability allowing bootkit installations on Linux systems. Here's everything you need to know.

Critical Shim Boot Loader Vulnerability Affects Linux Distributions (CVE-2023-40547) - OP INNOVATE
CVE-2023-40547 poses a critical threat to Linux distributions with a CVSS score of 9.8, enabling Secure Boot bypass and potential remote code execution. Discovered by Bill Demirkapi, this vulnerability is critical in the shim boot loader's HTTP response handling and could lead to system compromise t...

Linux Distros Hit By RCE Vulnerability in Shim Bootloader
However, not everyone agrees with the NVD's assessment of CVE-2023-40547 being a near-maximum severity bug.

Major Linux Flaw Opens Door to Undetectable Bootkit Infections
A critical vulnerability (CVE-2023-40547) in the Linux bootloader shim exposes millions of systems to persistent, stealthy bootkits. Learn how to protect yourself and stay updated on patches.
Critical flaw in Shim bootloader impacts major Linux distros
A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms.

Linux Shim Bootloader Flaw Expose Most Linux Distros to Code Execution Attacks
Shim is maintained by Red Hat and used in almost all Linux distributions that support secure boot including Debian, Ubuntu, SUSE, and many others.
Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros
A critical vulnerability (CVE-2023-40547) has been found in the shim bootloader, leaving millions of Linux systems vulnerable to attack.

Critical vulnerability in shim puts Linux systems in jeopardy | Candid.Technology
A vulnerability tracked as CVE-2023-40547 has been discovered in the Secure Boot process that is widely used by Linux distributions.

Shim15.8 RPM availability for Rocky Linux 8 to fix CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551 - Rocky Linux General - Rocky Linux Forum
Hi Team, SHIM released 15.8 addressing 7 CVEs (1 with critical score of 9.8 CVE-2023-40547) When can we expect x86_64 RPM.

CVE-2023-6246 Root Access Vulnerability in glibc - Open Source Security Foundation
The CVE-2023-6246 vulnerability in glibc can allow an attacker to escalate their local unprivileged access to the full root privilege level. CVEs like this highlight the significance of the initiatives that OpenSSF has been championing like Memory Safe Languages, Tools, and Coordinated Vulnerability...

Qualys discovers glibc flaw that could enable attackers to gain full root access
Well, here's another reminder to keep your PC up to date. Despite Linux being known for security, it's not perfect (no software is) and researchers at Qualys have discovered multiple vulnerabilities in the GNU C Library.
Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog() | Qualys Security Blog
The Qualys Threat Research Unit (TRU) has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in…
New Linux glibc flaw lets attackers get root on major distros
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc).
Root access vulnerability in glibc library impacts many Linux distros
Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions.
CVE-2023-43786 & CVE-2023-43787 Vulns in libX11: All You Need To Know
Learn all about the 35-year-old vulnerabilities found by our Security Team in libX11, causing a denial-of-service and remote code execution.

CVE-2023-40547 Archives
Vulnerability, January 25, 2024. CVE-2023-40547: The Critical Shim Flaw Compromising Linux Bootloaders. Recently, a new vulnerability has been unearthed that strikes at the very core of system boot processes,...

CVE-2023-40547: The Critical Shim Flaw Compromising Linux Bootloaders
Identified with a CVSS score of 8.3, CVE-2023-40547 exposes a remote code execution vulnerability within Shim.

Linux Kernel CVE-2023-6546 - Unveiling A Critical Vulnerability
This is a custom exploit which targets Ubuntu 18.04+20.04 LTS/Centos 8/RHEL 8 to attain root privileges via arbitrary kernel code
CVE-2023-6546 Archives
Vulnerability, January 16, 2024. CVE-2023-6546 PoC Exploit: A Gateway to Linux System Takeover. A cybersecurity researcher, Nassim Asrir has released the details, and a proof-of-concept (PoC) exploit for a...
CVE-2023-6546/ZDI-24-020 — Linux LPE · Issue #18719 · rapid7/metasploit-framework
Summary Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546), by @Nassim-Asrir Basic example https://github.com/Nassim-Asrir/ZDI-24-020 $ gcc exploit.c -o exploit -lpthread $ ./exploit [+]...
CVE-2023-6546 PoC Exploit: A Gateway to Linux System Takeover
Nassim Asrir has released the details, and a proof-of-concept (PoC) exploit for a high-severity vulnerability, CVE-2023-6546