CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing.
The post Exploitation of ‘Copy Fail’ Linux Vulnerability Begins appeared first on SecurityWeek.
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover
Affecting the kernel’s authencesn cryptographic template, the vulnerability was introduced in 2017 and impacts all distributions.
The post ‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover appeared first on SecurityWeek.
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.
The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek.
Organizations Warned of Exploited Linux Vulnerabilities
The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root.
The post Organizations Warned of Exploited Linux Vulnerabilities appeared first on SecurityWeek.
Old Attack, New Speed: Researchers Optimize Page Cache Exploits
A team of researchers from the Graz University of Technology in Austria has revived page Linux page cache attacks.
The post Old Attack, New Speed: Researchers Optimize Page Cache Exploits appeared first on SecurityWeek.
Arch Linux Project Responding to Week-Long DDoS Attack
The Arch Linux Project has been targeted in a DDoS attack that disrupted its website, repository, and forums.
The post Arch Linux Project Responding to Week-Long DDoS Attack appeared first on SecurityWeek.
Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog.
The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation appeared first on SecurityWeek.
Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected
A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems.
The post Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected appeared first on SecurityWeek.
New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous
A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous.
The post New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous appeared first on SecurityWeek.
CISA Warns of Exploited Linux Kernel Vulnerability
CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.
The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
