Linux Kernel Project Drops 11 Russian Developers Amid US Sanctions Concerns

Linux Foundation removes 11 Russian developers from the Linux kernel project due to U.S. sanctions. Linus Torvalds confirms…...

Unbreakable Enterprise kernel security update

5.15.0-5.76.5.1 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883037 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883037 CVE-2022-4378 5.15.0-5.76.5 - KVM: x86: Use SRCU to protect zap in...

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting...

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting...

Unbreakable Enterprise kernel security update

2.6.39-400.298.6 - perf/hwbp: Simplify the perf-hwbp code, fix documentation Linus Torvalds Orabug: 27947612 CVE-2018-100199 2.6.39-400.298.5 - xen-netfront: fix rx stall when reqprodpvt goes back to more than zero again Dongli Zhang Orabug: 25053376 - x86/IBRS: Remove support for IBRSENABLEDUSER...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4025)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4025 advisory. - dccp: CVE-2017-8824: use-after-free in DCCP code Mohamed Ghannam Orabug: 27290300 CVE-2017-8824 - ALSA: pcm: prevent UAF in sndpcminfo Robb Glass...

Intel Halts Spectre/Meltdown Patching for Broadwell and Haswell Systems

Intel is advising OEMs and partners to halt patching for the Spectre and Meltdown vulnerabilities amid numerous reports the updates are causing reboot issues on systems running the Broadwell and Haswell microprocessors. “We recommend that OEMs, cloud service providers, system manufacturers,...

Intel Warns Users Not to Install Its 'Faulty' Meltdown and Spectre Patches

Don't install Intel's patches for Spectre and Meltdown chip vulnerabilities. Intel on Monday warned that you should stop deploying its current versions of Spectre/Meltdown patches, which Linux creator Linus Torvalds calls 'complete and utter garbage.' Spectre and Meltdown are security...

Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit

This Metasploit module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently only works against Ubuntu 16.04 not 16.04.1 with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation. This module requires Metasploit:...

Linux Kernel 4.6.3 (x86) - 'Netfilter' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 4.6.3 Netfilter Privilege Escalation', 'Description' = %q This module attempts to exploit a netfilter bug on Linux...

Happy Birthday! LINUX Turns 25 Years Old Today

Linux has turned 25! Dear all, today is August 25, 2016, and it is time for the celebration, as it's the 25th Anniversary of the Linux project, announced by its creator, Finnish programmer Linus Torvalds, on August 25, 1991. Who can forget one of the most famous messages in the computing world...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3101)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3101 advisory. - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22277382 CVE-2015-7613 - ipc: fix msg newqueue add Guru...

[oss-security] Linux kernel floppy ioctl kernel code execution

Hi, As this was posted to linux-distros, and was supposed to be made public earlier this week, but so far wasn't published on oss-sec ... Reported by Matthew Daley to [email protected]. There apparently exists a proof of concept root exploit, that allows local users with access to a floppy devi...

U.S. Government asked Linus Torvalds to insert Backdoor Into Linux

At the Linuxcon conference in New Orleans today, Linus Torvalds and the other top Linux developers, talked to the Linux faithful about Linux, Microsoft, and other issues. During a question-and-answer ‪session ‬at ‪the LinuxCon, Linux Torvalds admitted to questions from the audience that the U.S...

U.S. Government asked Linus Torvalds to insert Backdoor Into Linux

At the Linuxcon conference in New Orleans today, Linus Torvalds and the other top Linux developers, talked to the Linux faithful about Linux, Microsoft, and other issues. During a question-and-answer ‪session ‬at ‪the LinuxCon, Linux Torvalds admitted to questions from the audience that the U.S...

Linux kernel fcaps本地安全绕过漏洞

Bugtraq ID: 53166 CVE ID：CVE-2012-2123 Linux是一款开放源代码的操作系统。 当使用fcaps存在安全漏洞，允许本地攻击者绕过安全限制如地址控件随机化进行攻击。 0 Linux kernel 3.x Linux kernel 2.6.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息： http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=d52fc5dde171f030170a6cb78034d166b13c9445...

Unbreakable Enterprise kernel security and bug fix update

2.6.32-300.3.1.el6uek - proc: fix oops on invalid /proc/ /maps access Linux Torvalds - Revert 'capabilities: do not grant full privs for setuid w/ file caps + no effective caps' Joe Jin - mm: Use MMFCOMPAT instead ia32compat to prevent kabi be broken Joe Jin - proc: enable writing to /proc/pid/me...

Linux Kernel 3.1 RC2 Released

Linux Kernel 3.1 RC2 Released Linus Torvalds has announced the release of Linux kernel 3.1 rc2. There isn't too much to see and Linus notes that this is a fairly calm release for coming just one week after the close of the Linux 3.1 kernel merge window. As LKML is down at the moment, below is the...

Linux Kernel 3.1 RC2 Released

Linux Kernel 3.1 RC2 Released Linus Torvalds has announced the release of Linux kernel 3.1 rc2. There isn't too much to see and Linus notes that this is a fairly calm release for coming just one week after the close of the Linux 3.1 kernel merge window. As LKML is down at the moment, below is the...

Linux Kernel "key_replace_session_keyring()"空指针引用拒绝服务漏洞

Linux是一款开放源代码的操作系统。 security/keys/processkeys.c提供的"keyreplacesessionkeyring"函数存在错误，使用syscallNRkeyctl, KEYCTLSESSIONTOPARENT可导致空指针应用而使内核崩溃。 Linux Kernel 2.6.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息：...