Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and newsgroup client. The identified vulnerabilities could result in denial of service attacks, unauthorized acce...
The patch management process can be painful, tedious, and time and labor intensive. Often, all this effort is for no other purpose than to maintain the operational status quo. And for devs or sysadmins, patch management has to happen on top of handling every-day activities as well as any other additional challenges that occur during service interruptions or system reboots.
NVIDIA has released a security update for its GPU display driver, containing a fix for a high-severity flaw that threat actors can exploit to perform, among other things, code execution and privilege escalation.
CVE-2022-4139 was made public as an i915 kernel graphics driver security issue affecting all Gen12 graphics -- from integrated Tigerlake graphics up through the latest Raptor Lake graphics as well as the in-development Meteor Lake code plus the discrete GPUs of DG2/Alchemist and Arctic Sound.
Anytime you upgrade software, you risk something breaking. This is the nature of the IT beast. The purpose of patches is usually to fix a bug or, worse, a security vulnerability.
Redhat has just just published a risk advisory about a vulnerability in the Linux Kernel that allows for local privilege escalation. This vulnerability is tracked as CVE-2022-3910 (CVSS score: 7.4).
Canonical has released a new Linux kernel security updates for all supported Ubuntu LTS releases to address up to 16 vulnerabilities discovered by various security researchers.
The local privilege escalation vulnerability in the Linux Kernel was reported by Redhat, and its CVE code is 2022-3977. The problem is that the most recent Linux kernel upstream contains a use-after-free vulnerability called mctp sk unhash that may be exploited to elevate privileges to root.
Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities.
SecurityWeek reports that federal agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to remediate within three weeks a Linux kernel bug, tracked as CVE-2021-3493, which has been added to the agency's Known Exploited Vulnerabilities Catalog following active exploitation by the new stealthy Linux malware Shikitega.
Users of the Debian GNU/Linux and Ubuntu Linux distributions received important kernel security updates that address multiple vulnerabilities discovered by various security researchers.
Linux’s Wi-Fi code has some nasty bugs, which can be exploited simply by being near an attacker. Remote code execution is a possibility—no need to actually connect to a malicious Wi-Fi network.
Canonical has released new Linux kernel security patches for all supported Ubuntu releases to address various security vulnerabilities discovered in the upstream kernel packages.
A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code.