Security News

A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system. Netfilter is a packet filtering and network address translation framework built into the Linux kernel that is managed through front-end utilities, such as IPtables and UFW. According to a new advisory published yesterday, corrupting the system's internal state leads to a use-after-free vulnerability that can be exploited to perform arbitrary reads and writes in the kernel memory.

Roid security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices. According to a Google Threat Analysis Group report published in March, it was exploited as part of a complex chain of multiple 0-days and n-days in a spyware campaign targeting Samsung Android phones.

"The kernel failed to protect applications that attempted to protect against Spectre v2, leaving them open to attack from other processes running on the same physical core in another hyperthread," the vulnerability disclosure explains. Linux kernel 6.0 debuts, Linus Torvalds teases 'core new things' coming in version 6.1 Older AMD, Intel chips vulnerable to data-leaking 'Retbleed' Spectre variant Apple gets lawsuit over Meltdown and Spectre dismissed Boffins release tool to decrypt Intel microcode.

Oops init triggering oops via BUG() ------[ cut here ]------ kernel BUG at /home/duck/Articles/linuxoops/oops. When kernel version 6.2.3 came out at the end of last week, two tiny changes quickly proved to be problematic, with users reporting kernel oopses when managing disk storage.

Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows. A live kernel dump is a snapshot of the kernel's memory at the time of the dump, which is then saved to a file.

ZDI doesn't just deal in competitive bug hunting in its twice-a-year contests, so it also regularly puts out vulnerability notices for zero-days that were disclosed in more conventional ways, like this one, entitled Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability. Even though this bug has had some dramatic coverage over the holiday weekend, given that it was a remote code execution hole in the Linux kernel itself, and came with a so-called CVSS score of 10/10, considered Critical.

Merry Christmas, Linux systems administrators: Here's a kernel vulnerability with a CVSS score of 10 in your SMB server for the holiday season giving an unauthenticated user remote code execution. Luckily for the sysadmins reaching for more brandy to pour in that eggnog, it doesn't appear to be that widespread. Discovered the Thalium Team vulnerability research team at French aerospace firm Thales Group in July, the vulnerability is specific to the ksmbd module that was added to the Linux kernel in version 5.15.

Microsoft now has an advisory out that's blaming rogue partners. The problem with certified kernel drivers, of course, is because they have to be signed by Microsoft, and because driver signing is compulsory on Windows, it means that if you can get your kernel driver signed, you don't need hacks or vulnerabilities or exploits to be able to load one as part of a cyberattack.

In brief Apple has patched an iOS and iPad OS vulnerability that's already been exploited. Apple issued patches for iOS 16.1 and iPad OS 16, to address this and 19 other vulnerabilities.

The "Clear-and-present danger" prize goes to iOS and iPadOS, which get updated to version 16.1 and 16 respectively, where one of the listed security vulnerabilites allows kernel code execution from any app, and is already actively being exploited. As you might have assumed, given that the release of Ventura takes macOS to version 13, three-versions-ago macOS 10 Catalina doesn't appear in the list this time.