CVE-2018-14634: Linux Mutagen Astronomy Vulnerability Affects RHEL and Cent OS Distros

A new serious problem has been discovered to affect the Linux operating system, the bug is known as the Linux Mutagen Astronomy vulnerability and assigned the CVE-2018-14634 advisory. The security team that reported it has posted a proof-of-concept cod… Continue reading CVE-2018-14634: Linux Mutagen Astronomy Vulnerability Affects RHEL and Cent OS Distros

2 Billion Bluetooth Devices Still Affected by the Blueborne Vulnerability

Following last year’s disclosure of the BlueBorne vulnerability security experts note that about 2 billion Bluetooth devices are still affected by it. BlueBorne is a collection of bugs that allow the hackers to intrude into them. Many of these de… Continue reading 2 Billion Bluetooth Devices Still Affected by the Blueborne Vulnerability

CVE-2018-5390: Vulnerability in Linux Kernel allows for DoS Attacks

A vulnerability has been identified in the Linux Kernel (version 4.9+) which is tracked in the CVE-2018-5390 advisory. It lists several conditions that allow criminals to modify packets leading to the coordination of DOS (Denial of service) attacks. CV… Continue reading CVE-2018-5390: Vulnerability in Linux Kernel allows for DoS Attacks

CVE-2018-3639: Spectre Variant 4 Vulnerability Affects the Linux Kernel

A Spectre variant 4 vulnerability has been identified in the Linux kernel and represents a very dangerous threat to all affected machines. All system administrators are urged to apply the latest updates as soon as possible to mitigate any possible…Re… Continue reading CVE-2018-3639: Spectre Variant 4 Vulnerability Affects the Linux Kernel

CVE-2018-8781: 8-Year-Old Linux Kernel Bug Discovered

Check Point researchers recently took the time to review the Linux kernel, and more specifically they looked into drivers trying to roll their own usage of the mmap() function. How Was CVE-2018-8781 Discovered? The idea of re-implementing kernel functi… Continue reading CVE-2018-8781: 8-Year-Old Linux Kernel Bug Discovered

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulne… Continue reading Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices

Remember SambaCry?

Almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of a vulnerable Linux and Unix machines.

We dubbed the… Continue reading New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

Update: Find working Exploits and Proof-of-Concepts at the bottom of this article.

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash

Continue reading A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges

A high-severity vulnerability has been reported in Linux that could be exploited by a low privilege attacker to gain full root access on an affected system.

The vulnerability, identified as CVE-2017-1000367, was discovered by researchers at Qualys Sec… Continue reading High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges

High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges

A high-severity vulnerability has been reported in Linux that could be exploited by a low privilege attacker to gain full root access on an affected system.

The vulnerability, identified as CVE-2017-1000367, was discovered by researchers at Qualys Sec… Continue reading High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges