#linux-kernel-security

[ follow ]
#privilege-escalation #zero-day-mitigation #patch-management #vulnerability-response #operational-risk
Information security
fromTechzine Global
23 hours ago

Linux kernel kill switch proposal sparks fierce debate

Privileged administrators could disable vulnerable kernel functions temporarily until patches arrive, reducing exposure during zero-day gaps but raising concerns about delaying patching and adding operational risk.
Information security
fromZDNET
1 day ago

Dirty Frag is a new Linux bug putting your system at risk - and there's no easy fix yet

Dirty Frag enables local privilege escalation from an unprivileged account to root by corrupting kernel page cache via networking and authentication logic bugs.
Information security
fromtheregister
1 day ago

Linux kernel maintainers pitch emergency killswitch after CopyFail and Dirty Frag chaos

Admins could disable specific vulnerable kernel functions at runtime to stop exploits before patches are built, distributed, and rebooted.
fromTechzine Global
2 months ago

Linux security layer extremely vulnerable: 12.6 million systems affected

The vulnerabilities exploit a confused deputy attack. An unauthorized user can manipulate a privileged process to perform actions on their behalf, without having the necessary rights themselves. Specifically, attackers abuse tools such as Sudo or Postfix to modify AppArmor profiles via pseudo-files such as /sys/kernel/security/apparmor/.load and .replace.
Information security
Software development
fromZDNET
2 months ago

Linux explores new way of authenticating developers and their code - here's how it works

The Linux kernel is transitioning from PGP-based developer identification to a more efficient system that addresses privacy concerns and streamlines the cumbersome face-to-face key-signing verification process.
[ Load more ]