BRIEF: CVE-2026-23111 is a Linux nf_tables privilege escalation, CVSS 7.8. A full working exploit dropped June 8. Patches available since February — if you haven't applied them yet, now is the deadline.
BRIEF: CVE-2026-46243 (CIFSwitch) is a Linux kernel LPE in the CIFS client, CVSS 7.8. Public PoC available since 27 May 2026. Patches are out — patch and reboot.
BRIEF: CVE-2022-0492 is a logic bug in Linux cgroups v1 that lets a local attacker escape a container and get root on the host. CISA added it to KEV on June 2, 2026. Active exploitation is confirmed.
BRIEF: Seven kernel branches shipped June 1. Three security fixes land in 7.0.11 — TCP ISN leak, tap stack leak, and a keyring race. Dirty Frag is now half-patched: CVE-2026-43500 fixed, CVE-2026-43284 still open upstream.
BRIEF: The 23 May batch release patched a UDP/IPsec corruption bug, a ptrace vulnerability, and the Copy Fail LPE across all active LTS branches.
DEEP DIVE: Azure Linux 4.0 is Microsoft's first Fedora-based general-purpose server distro, released into public preview on Azure VMs. Here's what it means for teams running Linux in production — and why Microsoft now wants to own the OS layer, not just host it.
DEEP DIVE: CVE-2026-31431 lets any local user escalate to root on Linux 4.14+ via a logic flaw in the AF_ALG crypto socket interface. A 732-byte Python script works every time, on every major distro. Here is how to check your exposure and apply the fix.
HOT TAKE: HPLIP 3.26.4 patches CVE-2026-8631 (CVSS 9.3): unauthenticated remote command injection via the HP printer driver daemon. No interaction required — update now.
DEEP DIVE: Three Linux kernel LPEs in 14 days. This is a triage guide for sysadmins deciding which reboot to schedule first — and what to do until you can.
GUIDE: CVE-2026-46333 lets unprivileged users steal SSH host keys and shadow passwords. Here is how to patch, mitigate, rotate keys, and audit for breach.
BRIEF: Day 2 of Pwn2Own Berlin 2026 yielded 15 zero-days and $385,750 in prizes. Exchange fell to a three-bug RCE chain. Cursor AI and OpenAI Codex were exploited too.
BRIEF: Debian 14 is the first distro to hard-gate on reproducible builds. 414 packages are currently blocked from testing. What this means for maintainers and downstream users.
BRIEF: OpenClaw connects your AI model to 50+ messaging channels. The core gateway works. The plugin ecosystem has a 20% malicious skill rate and two active CVEs.
BRIEF: Linux 7.0 is out. SHA-1 module signing removed, NFSv4.0 becomes kconfig-optional, lazy preemption replaces the old default. Audit your config before upgrading.
BRIEF: CVE-2026-31431 (Copy Fail) is a Linux kernel LPE, CVSS 7.8. Working PoC is public. CISA KEV. Patches out for Ubuntu, Debian, AlmaLinux, and RHEL.