| by Arround The Web

High-Priority PuTTY Vulnerability Threatens Server Access Security

PuTTY’s security flaw (CVE-2024-31497) in ECDSA P-521 keys risks private data exposure. An urgent update is needed.
The post High-Priority PuTTY Vulnerability Threatens Server Access Security appeared first on Linux Today.


The Upstream XZ Tarballs Have Been Backdoored

A critical vulnerability in Linux XZ Utils (CVE-2024-3094) enables remote system breaches via SSH. Immediate action is required.
The post The Upstream XZ Tarballs Have Been Backdoored appeared first on Linux Today.


LibreOffice 7.6.2 and 7.5.7 Address Critical WebP Vulnerability

LibreOffice 7.6.2 and LibreOffice 7.5.7 contain a fix for CVE-2023-4863, a heap buffer overflow discovered in the widely used libwebp library.
The post LibreOffice 7.6.2 and 7.5.7 Address Critical WebP Vulnerability appeared first on Linux Today.


Atlas VPN Zero-Day Allows Sites to Discover Linux Users’ IP Address

Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address.
The post Atlas VPN Zero-Day Allows Sites to Discover Linux Users’ IP Address appeared first on Linux Today.


Stremio Vulnerability Exposes Millions to Attack

CyFox researchers have discovered a DLL planting/hijacking vulnerability in popular media center application Stremio. Learn more here.
The post Stremio Vulnerability Exposes Millions to Attack appeared first on Linux Today.


KeePass Flaw Allows Retrieval of Master Password, PoC is Public

A vulnerability in KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. Learn more here.
The post KeePass Flaw Allows Retrieval of Master Password, PoC is Public appeared first…


Devuan Users Are at Risk: Take Action to Protect Your System

A newly discovered security issue in Devuan’s default installation allows for obtaining root privileges without a password. Learn more here.
The post Devuan Users Are at Risk: Take Action to Protect Your System appeared first on Linux Today.


HashiCorp Vault Vulnerability Could Lead to RCE: Patch Today

Oxeye discovered a new vulnerability (CVE-2023-0620) in the HashiCorp Vault Project, an identity-based secrets and encryption management system.
The post HashiCorp Vault Vulnerability Could Lead to RCE: Patch Today appeared first on Linux Today.


Vulnerability in DJI Drones May Reveal Pilot’s Location

Serious security vulnerabilities identified in multiple DJI drones have the potential to allow users to modify crucial drone identification details. Learn more here.
The post Vulnerability in DJI Drones May Reveal Pilot’s Location appeared first …


How AWS Uses eBPF to Identify Security Risks

The Linux kernel’s eBPF has become a stand-out open-source tool for monitoring and manipulating cloud-based Linux containers at a deep level.
The post How AWS Uses eBPF to Identify Security Risks appeared first on Linux Today.


Can Linux Get Viruses? Explore the Vulnerability of Linux Systems

In this article, we’ll explore the vulnerability of Linux systems to viruses and the factors that make them less susceptible compared to other operating systems.
The post Can Linux Get Viruses? Explore the Vulnerability of Linux Systems appeared …


OpenSSL Security Advisory: High-Severity Vulnerability Fixed

OpenSSL released a security advisory regarding several security vulnerabilities that were recently discovered and fixed. Learn more here.
The post OpenSSL Security Advisory: High-Severity Vulnerability Fixed appeared first on Linux Today.


OpenSSL Warns of Critical Security Vulnerability With Upcoming Patch

With the latest warning from OpenSSL, we can safely say that come Nov. 1, everyone — and I mean everyone — will need to patch OpenSSL 3.x. Learn more here.
The post OpenSSL Warns of Critical Security Vulnerability With Upcoming Patch appeared first on …


Fedora 37 Release Has Been Postponed for the Second Time

Due to an OpenSSL vulnerability, Fedora Linux 37 has been postponed with a new release date. Learn more here.
The post Fedora 37 Release Has Been Postponed for the Second Time appeared first on Linux Today.


Incoming OpenSSL critical fix: Organizations, users, get ready!

The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0). Learn…


Dissecting Google’s Titan M Chip: Vulnerability Research Challenges

The enterprise-grade Titan M security chip was custom-built to help protect data. Derived from the same chip Google uses to protect its cloud data centers, it handles processes and information, such as passcode protection, encryption, and secure transactions in apps. Damiano Melotti, Security Researcher, Quarkslab, talks about the vulnerability research challenges encountered while exploring Google’s […]

The post Dissecting Google’s Titan M Chip: Vulnerability Research Challenges appeared first on Linux Today.


Ubuntu Users Receive a New Major Linux Kernel Update, 22 Security Flaws Patched

The biggest threat patched in this new Linux kernel security update for Ubuntu systems is CVE-2022-0435, a stack-based buffer overflow vulnerability discovered by Samuel Page in Linux kernel’s TIPC (Transparent Inter-Process Communication) protocol implementation, which could allow a remote attacker to cause a denial of service (system crash) on installations that have a TIPC bearer […]

The post Ubuntu Users Receive a New Major Linux Kernel Update, 22 Security Flaws Patched appeared first on Linux Today.


What Is Log4Shell and How to Protect Your Linux System Against It

The Log4Shell vulnerability is described as the most critical zero-day vulnerability ever. Learn how to protect your Linux system against it.
The post What Is Log4Shell and How to Protect Your Linux System Against It appeared first on Linux Today.


PwnKit: Detect Privilege Escalation with CrowdSec

We just published a new collection targeting Linux’s Local Privilege Escalation, and CVE-2021-4034 is its first scenario! While this will not allow you to prevent the exploit, it will give you insight into whether you have been compromised by this vuln…


12-Year-Old PolicyKit Local Privilege Escalation Flaw Now Patched in Major Linux Distros

According to the researchers, the vulnerability (CVE-2021-4034) was discovered in PolicyKit’s pkexec tool, which incorrectly handled command-line arguments. This could lead to local privilege escalation, allowing any regular user in a GNU/Linux distribution to gain administrative privileges and run programs as an administrator (root). The good news is that most major GNU/Linux distributions already received […]

The post 12-Year-Old PolicyKit Local Privilege Escalation Flaw Now Patched in Major Linux Distros appeared first on Linux Today.
