Collaborate Disseminate
A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges. While the vulnerability i… Continue reading PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)
A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been unearthed by researchers. “Qualys security researchers have been able to in… Continue reading Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)
A vulnerability (CVE-2021-3156) in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host (without authenticatio… Continue reading Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)
A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execu… Continue reading PPP Daemon flaw opens Linux distros, networking devices to takeover attacks
A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus – may allow a local attacker to obtain administrator privileges, i.e., r… Continue reading Snapd flaw gives attackers root access on Linux systems
An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora.
Xorg X server is a popular open-source implementation… Continue reading New Privilege Escalation Flaw Affects Most Linux Distributions
A startup that buys zero-day exploits will pay hackers $45,000 for Linux local privilege escalation exploits against popular operating systems like Ubuntu, Debian and Fedora. The company, Zerodium, is famous for its exploit-buying program. It pays bounties as high as $1.5 million bounty if the research is completely original and the target is right. The price depends on the security of the target and the demand in the market. The program might be widely known in the cybersecurity community, but the results are highly secret: Zerodium, based in Washington, D.C., sells its exploits to government customers who will pay for the ability to break virtually any kind of computer. Privilege escalation exploits are particularly valuable because they allow an attacker to gain access to parts of a computer that would otherwise be restricted from them. The new $45,000 bounty for Linux local privilege escalations is a $15,000 raise above Zerodium’s usual $30,000 price tag, suggesting a […]
The post $45,000 bounty offered for Linux zero days appeared first on Cyberscoop.
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016. Continue reading Flaw Found In Dirty COW Patch
Juniper warned Thursday of a high-risk bug in the GD graphics library used in several versions of its Junos OS. Continue reading Juniper Issues Security Alert Tied to Routers and Switches
Windows and Linux in the same line? Yes, you heard that right… and that too, on the same computer and within the same operating system.
Two months ago, Microsoft announced its plans to let its users install three different flavours of the Linux operating system – Ubuntu, Fedora, and SUSE – directly through their Windows Store, allowing them to run Windows and Linux apps side-by-side.
Now,
Continue reading Ubuntu Linux for Windows 10 Released — Yes, You Read it Right