Tag Archives: Linux

Linux/Unix RCE vulnerabilities in CUPS (Sept. 2024)

There are several critical vulnerabilities in the CUPS printing system, which is used under Linux and Unix. Under certain circumstances, these can be used for remote code execution (RCE) attacks.

Posted in Linux, Security

Microsoft responds to Linux boot bricked by Windows August 2024 update

The August 2024 updates for Windows have caused collateral damage for Linux users. Because the update switched the boot mechanism to Secure Boot Advanced Targeting (SBAT), the Linux boot loader refused to start on dual-boot systems following the update installation. Microsoft has …

Posted in issue, Linux, Update, Windows

Windows August 2024 update 'paralyzes' Linux boot

Users who run Windows and Linux with Secure Boot on their computers have likely had a problem since August 13, 2024. Microsoft changed something in the boot process with the August 2024 Patchday and switched boot entries from DBX …

Posted in issue, Linux, Update, Windows

regreSSHion: Critical OpenSSH server vulnerability CVE-2024-6387

A critical vulnerability CVE-2024-6387 has been disclosed in OpenSSH servers. The vulnerability, known as regreSSHion, allows remote unauthenticated code execution – and security firms have found over 14 million potentially vulnerable OpenSSH servers on the internet. However, the risk should …

Posted in Linux, Security, Software

Linux: Backdoor in upstream xz/liblzma; compromise of SSH servers

On Friday, March 29, 2024, Red Hat published a warning. The latest versions of the "xz" tools and libraries contain malicious code, a backdoor, which is apparently intended to allow unauthorized access. Affected by the backdoor (vulnerability CVE-2024-3094) …

Posted in issue, Linux, Security, Software

Vulnerability in GNU C Library (glibc) jeopardizes Linux distros

The Qualys Threat Research Unit (TRU) has recently uncovered four significant vulnerabilities in the GNU C Library (glibc). This library is used in countless Linux applications in common Linux distributions. The vulnerabilities allow attackers to gain root privileges on Linux …

Posted in Linux, Security, Software

Ubuntu 24.04 LTS gets 12 years of support from Canonical

Canonical wants to extend the support period for Ubuntu 24.04 LTS, which is expected in April 2024, to 12 years. The extended support period was announced by Canonical CEO Mark Shuttleworth in an interview with the YouTube channel Destination Linux …

Posted in Linux

Linux kernel vulnerability CVE-2024-0193 allows root access

The vulnerability CVE-2024-0193, which allows root access, was discovered in the Linux kernel. This is a use-after-free error in the Netfilter subsystem, which was given a CVSS score of 7.8. However, the vulnerability can only be exploited by local attackers …

Posted in Linux, Security

Microsoft published Linux installation guide

Microsoft wants to get rid of some of its Windows users. That's how I interpret the fact that Microsoft published instructions on how to install Linux on their systems at the end of September 2023. Coincides with the terminated upgrade …

Posted in Linux

Linux vulnerability Looney Tunables

A buffer overflow vulnerability, CVE-2023-4911, exists in the GNU C Library (glibc) in the dynamic loader used to execute programs. The vulnerability, discovered by Qualys' Threat Research Unit (TRU), is called Looney Tunables and has probably existed since 2021. In the …

Posted in Linux, Security