Ubuntu

Canonical ships Ubuntu Core 26 with 15 years of security maintenance

Linux, News, Ubuntu /

Canonical ships Ubuntu Core 26 with 15 years of security maintenance 2026-05-19 at 15:47 By Anamarija Pogorelec Operators of industrial sensors, edge AI controllers, and connected medical equipment now have a refreshed long-term Linux option for fleets that must stay patched for more than a decade. Canonical released Ubuntu Core 26, the latest long-term supported […]

Canonical ships Ubuntu Core 26 with 15 years of security maintenance Read More »

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)

containers, Don't miss, exploit, Hot stuff, Linux, News, PoC, Red Hat, SUSE, Theori, Ubuntu, vulnerability /

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) 2026-04-30 at 15:31 By Zeljka Zorz Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit

Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) Read More »

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers

Linux, News, open source, operating system, Ubuntu /

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers 2026-04-24 at 11:27 By Mirko Zorz Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute Raccoon, pulls most of those threads together into a single release

Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers Read More »

Minimal Ubuntu Pro expands Canonical’s cloud security offerings

Canonical, cloud security, News, Ubuntu /

Minimal Ubuntu Pro expands Canonical’s cloud security offerings 2026-01-13 at 14:13 By Sinisa Markovic Canonical has released Minimal Ubuntu Pro images for use on public cloud platforms, aiming to give teams a smaller base image with a narrower software footprint. The solution is designed for organizations that want tighter control over what runs inside production

Minimal Ubuntu Pro expands Canonical’s cloud security offerings Read More »

Elementary OS 8.1 rolls out with a stronger focus on system security

Linux, News, open source, Ubuntu /

Elementary OS 8.1 rolls out with a stronger focus on system security 2025-12-24 at 08:17 By Anamarija Pogorelec Elementary OS 8.1 is now available for download and shipping on select hardware from retailers such as Star Labs, Slimbook, and Laptop with Linux. The update arrives after more than a year of refinements based on community

Elementary OS 8.1 rolls out with a stronger focus on system security Read More »

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)

Debian, Don't miss, Hot stuff, Linux, macOS, News, Stratascale, SUSE, Ubuntu, vulnerability /

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) 2025-07-01 at 16:11 By Zeljka Zorz If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) Read More »

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, openSUSE, Qualys, Ubuntu, vulnerability /

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) 2025-06-18 at 14:49 By Zeljka Zorz Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) Read More »

Rsync vulnerabilities allow remote code execution on servers, patch quickly!

Debian, Don't miss, Hot stuff, Linux, News, Ubuntu, vulnerability /

Rsync vulnerabilities allow remote code execution on servers, patch quickly! 2025-01-15 at 16:46 By Zeljka Zorz Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a machine with a running Rsync server. “The client requires only

Rsync vulnerabilities allow remote code execution on servers, patch quickly! Read More »

Ubuntu 24.10 Oracular Oriole brings tighter security controls

Canonical, Linux, News, open source, operating system, Ubuntu /

Ubuntu 24.10 Oracular Oriole brings tighter security controls 2024-10-11 at 10:16 By Help Net Security Canonical released Ubuntu 24.10 Oracular Oriole, which brings notable advancements, including an updated kernel, new toolchains, and the GNOME 47 desktop environment, along with significant enhancements in software security. “Oracular Oriole sets a new pace for delivering the latest upstream

Ubuntu 24.10 Oracular Oriole brings tighter security controls Read More »

‘WallEscape’ Linux Vulnerability Leaks User Passwords

CVE-2024-28085, Linux, Malware & Threats, Ubuntu, Vulnerabilities, WallEscape /

‘WallEscape’ Linux Vulnerability Leaks User Passwords 2024-04-01 at 19:31 By Ionut Arghire A vulnerability in util-linux, a core utilities package in Linux systems, allows attackers to leak user passwords and modify the clipboard. The post ‘WallEscape’ Linux Vulnerability Leaks User Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

‘WallEscape’ Linux Vulnerability Leaks User Passwords Read More »

XZ Utils backdoor update: Which Linux distros are affected and what can you do?

Alpine, backdoor, Debian, Don't miss, Fedora, Hot stuff, Kali Linux, Linux, Linux Mint, News, open source, Orca Security, Red Hat, supply chain attacks, Ubuntu, vulnerability /

XZ Utils backdoor update: Which Linux distros are affected and what can you do? 2024-03-31 at 21:01 By Zeljka Zorz The news that XZ Utils, a compression utility present in most Linux distributions, has been backdoored by a supposedly trusted maintainer has rattled the open-source software community on Friday, mere hours until the beginning of

XZ Utils backdoor update: Which Linux distros are affected and what can you do? Read More »

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

containers, Debian, Don't miss, Hot stuff, IoT, Linux, News, open source, patching, Red Hat, security update, Ubuntu, vulnerability /

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) 11/10/2023 at 13:31 By Zeljka Zorz Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) Read More »

GNOME users at risk of RCE attack (CVE-2023-43641)

Debian, Don't miss, Fedora, GitHub, Hot stuff, Linux, News, open source, Red Hat, SUSE, Ubuntu, vulnerability, vulnerability disclosure /

GNOME users at risk of RCE attack (CVE-2023-43641) 10/10/2023 at 14:32 By Zeljka Zorz If you’re running GNOME on you Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption vulnerability (CVE-2023-43641) in the libcue library. About CVE-2023-43641 Discovered by GitHub security researcher Kevin Backhouse,

GNOME users at risk of RCE attack (CVE-2023-43641) Read More »

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, PoC, Qualys, Red Hat, security update, Ubuntu, vulnerability /

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) 05/10/2023 at 16:17 By Zeljka Zorz A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. About CVE-2023-4911 Dubbed “Looney Tunables”, CVE-2023-4911 is a buffer overflow vulnerability

“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911) Read More »

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

1Password, Alpine, Chrome, containers, Debian, Don't miss, Firefox, Google, Hot stuff, LibreOffice, Linux, macOS, Microsoft Teams, News, Opera, patch, patching, Rezilion, runZero, Signal, Slack, SUSE, Telegram, Ubuntu, Vivaldi, vulnerability, vulnerability management /

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) 27/09/2023 at 14:46 By Zeljka Zorz The Chrome zero-day exploited in the wild and patched by Google a few weeks ago has a new ID (CVE-2023-5129) and a description that tells the whole story: the vulnerability is not in Chrome, but the libwebp library,

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129) Read More »

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

cloud security, Featured, Ubuntu, Vulnerabilities, vulnerability /

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »

Scroll to Top