Ubuntu

Ubuntu 24.10 Oracular Oriole brings tighter security controls

Canonical, Linux, News, open source, operating system, Ubuntu /

Ubuntu 24.10 Oracular Oriole brings tighter security controls 2024-10-11 at 10:16 By Help Net Security Canonical released Ubuntu 24.10 Oracular Oriole, which brings notable advancements, including an updated kernel, new toolchains, and the GNOME 47 desktop environment, along with significant enhancements in software security. “Oracular Oriole sets a new pace for delivering the latest upstream […]

React to this headline:

Loading spinner

Ubuntu 24.10 Oracular Oriole brings tighter security controls Read More »

‘WallEscape’ Linux Vulnerability Leaks User Passwords

CVE-2024-28085, Linux, Malware & Threats, Ubuntu, Vulnerabilities, WallEscape /

‘WallEscape’ Linux Vulnerability Leaks User Passwords 2024-04-01 at 19:31 By Ionut Arghire A vulnerability in util-linux, a core utilities package in Linux systems, allows attackers to leak user passwords and modify the clipboard. The post ‘WallEscape’ Linux Vulnerability Leaks User Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

‘WallEscape’ Linux Vulnerability Leaks User Passwords Read More »

XZ Utils backdoor update: Which Linux distros are affected and what can you do?

Alpine, backdoor, Debian, Don't miss, Fedora, Hot stuff, Kali Linux, Linux, Linux Mint, News, open source, Orca Security, Red Hat, supply chain attacks, Ubuntu, vulnerability /

XZ Utils backdoor update: Which Linux distros are affected and what can you do? 2024-03-31 at 21:01 By Zeljka Zorz The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of

React to this headline:

Loading spinner

XZ Utils backdoor update: Which Linux distros are affected and what can you do? Read More »

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

containers, Debian, Don't miss, Hot stuff, IoT, Linux, News, open source, patching, Red Hat, security update, Ubuntu, vulnerability /

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) 11/10/2023 at 13:31 By Zeljka Zorz Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a

React to this headline:

Loading spinner

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) Read More »

GNOME users at risk of RCE attack (CVE-2023-43641)

Debian, Don't miss, Fedora, GitHub, Hot stuff, Linux, News, open source, Red Hat, SUSE, Ubuntu, vulnerability, vulnerability disclosure /

GNOME users at risk of RCE attack (CVE-2023-43641) 10/10/2023 at 14:32 By Zeljka Zorz If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered by GitHub security researcher Kevin Backhouse,

React to this headline:

Loading spinner

GNOME users at risk of RCE attack (CVE-2023-43641) Read More »

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, PoC, Qualys, Red Hat, security update, Ubuntu, vulnerability /

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) 05/10/2023 at 16:17 By Zeljka Zorz A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability

React to this headline:

Loading spinner

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

React to this headline:

Loading spinner

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

cloud security, Featured, Ubuntu, Vulnerabilities, vulnerability /

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »

Scroll to Top