Security News

A doozy of a bug that could allow any local user on most Linux or Unix systems to gain root access has been uncovered - and it had been sitting there for a decade, researchers said. The bug was found in Sudo, a utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

A vulnerability in GNOME Display Manager could allow a standard user to create accounts with increased privileges, giving a local attacker a path to run code with administrator permissions. The process involves running a few simple commands in the terminal and modifying general system settings that do not require increased rights.

The bug allows users to bypass privilege restrictions to execute commands as root.

All it takes is -u#-1 ... Wh%& t#e fsck*? It's only Monday, and we already have a contender for the bug of the week.…

Unpatched vulnerabilities found in the rkt container runtime can be exploited by an attacker to escape the container and gain root access to the host.  read more

Rogue 'worker' processes can sneak in with elevated privileges at startup Apache HTTP Server has been given a patch to address a potentially serious elevation of privilege vulnerability.…

Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total...

The issue affects default installations of Ubuntu Server and Desktop and is likely included in many Ubuntu-like Linux distributions.

A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus – may allow a local attacker...

A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged runC container, allowing...