many parts make the whole
There is a very interesting writeup at ars technica on a sophisticated malware attack that allowed bad actors to compromise infrastructure that was used to update and distribute Linux. The attack took place back in 2011 which led to 448 accounts being compromised and created a backdoor in OpenSSH that allowed for access to a … Read More “LINUX KERNEL SUPPLIER-SIDE OpenSSH BACKDOOR” »
A buffer overflow vulnerability has been disclosed that could allow for local privilege escalation to root and leakage of stack and heap addresses. The CVSS score is 7.8 HIGH. A patch has been proposed and mitigation is available by disabling unprivileged user namespaces. This is another buffer overflow in nf_tables similar to the one we … Read More “KERNEL STACK BUFFER OVERFLOW in Linux – CVE-2023-0179” »
A vulnerability in the Linux kernel was recently disclosed that could allow a bad actor with local access to escalate to root privileges. A bug in nft_elem_init leads to a buffer overflow and allows for access as root. The vulnerability has a CVSS score of 7.8 HIGH. A patch has been released by the Linux … Read More “LINUX FIREWALL VULNERABILITY – CVE-2022-34918” »