Security News

Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. Besides being a visual annoyance, the unexpected screen flickering prevents users from doing anything on their systems, and Intel Linux kernel engineer Ville Syrjäl warns that it could also damage the display.

Microsoft has released the final version of security configuration baseline settings for Windows 11, version 22H2, downloadable today using the Microsoft Security Compliance Toolkit.While the new baseline adds extra defenses focusing on multiple areas, the highlight of the latest Windows 11 security baseline is the addition of Kernel Mode Hardware-enforced Stack Protection that provides additional hardware-level protection for kernel code against malware threats.

VMware engineers have tested the Linux kernel's fix for the Retbleed speculative execution bug, and report it can impact compute performance by a whopping 70 percent. In a post to the Linux Kernel Mailing List titled "Performance Regression in Linux Kernel 5.19", VMware performance engineering staffer Manikandan Jagatheesan reports the virtualization giant's internal testing found that running Linux VMs on the ESXi hypervisor using version 5.19 of the Linux kernel saw compute performance dip by up to 70 percent when using single vCPU, networking fall by 30 percent and storage performance dip by up to 13 percent.

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "As nasty as Dirty Pipe.". "DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted.

Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. There's a remote code execution hole dubbed CVE-20220-32893 in Apple's browser and HTML rendering software, by means of which a booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted software code.

What is an APIC, and why do I need it? How can you have data that even the kernel can't peek at? What causes this epic failure in APIC? Does the ÆPIC Leak affect me? What to do about it? What's an APIC? How can you have data that even the kernel can't peek at?

Offensive Security has released ​Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support. With this release, Kali Linux is using Linux Kernel 5.18.5.

Offensive Security has released ​Kali Linux 2022.3, the third version of 2022, with virtual machine improvements, Linux Kernel 5.18.5, new tools to play with, and improved ARM support. With this release, Kali Linux is using Linux Kernel 5.18.5.

The bug fixes for iPhones and iPads include remote code execution flaws in components from the kernel itself to Apple's image rendering library, graphics drivers, video processing modules and more. Several of these bugs warn that "a malicious application may be able to execute arbitrary code with kernel privileges".

NVIDIA has published the source code of its Linux kernel modules for the R515 driver, allowing developers to provide greater integration, stability, and security for Linux distributions. The products supported by these drivers include all models built on the Turing and Ampere architecture, released after 2018, including the GeForce 30 and GeForce 20 series, the GTX 1650 and 1660, and data center-grade A series, Tesla, and Quadro RTX. According to the GPU maker, this is a step toward improving its products' experience on the Linux platform, simplifying the integration process in Linux distributions, debugging, and boosting contribution activity.