#linux

Plus: Microsoft scolded for a “cascade” of security failures, AI-generated lawyers send fake legal threats, a data broker quietly lobbies against US privacy legislation, and more.

Debian Linux Security Advisory 5655-1 - It was discovered that Cockpit, a web console for Linux servers, was susceptible to arbitrary command execution if an administrative user was tricked into opening an sosreport file with a malformed filename.

A remote code execution vulnerability in Gibbon online school platform version 26.0.00 and lower allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the endpoint /modules/System%20Admin/import_run.php&type=externalAssessment&step=4. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in complete system compromise, data exfiltration, or unauthorized access to sensitive information.

Linux versions starting with 6.5 suffer from a read-after-type-change of folio in cachestat() that leads to a kernel pointer leak.

Red Hat Security Advisory 2024-1678-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.

With versions of the whoami crate >= 0.5.3 and < 1.5.0, calling any of these functions leads to an immediate stack buffer overflow on illumos and Solaris: - `whoami::username` - `whoami::realname` - `whoami::username_os` - `whoami::realname_os` With versions of the whoami crate >= 0.5.3 and < 1.0.1, calling any of the above functions also leads to a stack buffer overflow on these platforms: - Bitrig - DragonFlyBSD - FreeBSD - NetBSD - OpenBSD This occurs because of an incorrect definition of the `passwd` struct on those platforms. As a result of this issue, denial of service and data corruption have both been observed in the wild. The issue is possibly exploitable as well. This vulnerability also affects other Unix platforms that aren't Linux or macOS. This issue has been addressed in whoami 1.5.0. For more information, see [this GitHub issue](https://github.com/ardaku/whoami/issues/91).

Improving security in the applications that drive the digital economy is a necessary undertaking, requiring ongoing collaboration between the public and private sectors.

A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks, in one case demanding $140 million from a Chilean data center company.

By Waqas Another day, another malware threat! This is a post from HackRead.com Read the original post: New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators

An April 2023 study from Kent State University found that remote workers are more likely to be vigilant of security threats and take actions to ward them off than their in-office counterparts.