News

A security issue affects the Linux 3.13 kernel of the Ubuntu14.04 LTS (Trusty Tahr) operating system series and its derivatives, including Kubuntu, Xubuntu, Lubuntu, Ubuntu Kylin, Ubuntu Studio, Mythbuntu, and others, allowing attackers to run programs as an administrator. The vulnerability is a race condition (CVE-2019-6133) discovered by Jann Horn of Google Project Zero in Linux kernel’s fork() system call, which could allow a ...

Parrot offers several options for running a Linux operating system that pays much closer attention to security matters. If you already are handy with digital forensic tasks and want a state-of-the-art system to handle pentesting and privacy issues, check out the Parrot Security release. Parrot Security offers a complete all-in-one environment for pentesting, privacy, digital forensics, reverse-engineering and software development. It ...

Linus says don’t get excited, but the new release contains some significant updates. Linus Torvalds, the creator of the Linux kernel has announced the release of Linux 5.0. Despite any excitement around the major release number, the fact is these numbers really don’t mean much. Torvalds has often said that he chooses a new number when the version number becomes ...

Canonical released a new Linux kernel security patch for its long-term supported Ubuntu 18.04 LTS (Bionic Beaver) operating system series to address several security vulnerabilities. The Linux kernel security update addresses three vulnerabilities, including a race condition (CVE-2019-6133) in Linux kernel’s fork() system call, which could allow a local attacker to gain access to services were authorizations are cached, and ...

LibreSignage, “a FOSS digital signage solution for managing a network of digital signage clients…anything from small advertisement displays to larger commercial billboards”, is looking for beta testers for LibreSignage v1.0.0: “If you’d like to try out the latest and greatest of LibreSignage development, you can pull the LibreSignage Docker image by pulling libresignage:v1.0.0-beta-1 from Docker Hub. The readme in the GIT repository contains ...

Linux kernel 5.0 is out. Linus writes, “We have more than a handful of real fixes in the last week, but not enough to make me go “Hmm, things are really unstable”. In fact, at least two thirds of the patches are marked as being fixes for previous releases, so it’s not like 5.0 itself looks bad.” The merge window ...

A proof-of-concept hack allows adversaries to tweak old exploits, have code jump containers and attack underlying infrastructure. Researchers at CyberArk have created a proof-of-concept attack that allows adversaries to bypass container security, escape the container and compromise an entire host system. However, the attack scenario is limited, in that a successful attack depends on unpatched vulnerabilities to be present in ...

With no official Google Drive Linux client available, it’s left to third-party apps, devs services to fill the file-syncing void for FOSS fans. And boy are there are a lot of options out there that do just that! One could compile a list of various Google Drive Linux clients available for Linux, ranging from those with a GUI to those using a CLI. I ...

In my day job at LinuxGizmos, I’ve been neck deep recently in embedded Linux hardware news from the Embedded World show in Nuremberg. There are plenty of new SBCs and compute modules — many based on NXP’s newly shipping i.MX8M Mini — as well as a new Qualcomm Robotics RB3 Platform, more IoT gateways, and Linux-ready chips like ST’s STM32MP1 and Octavo SiP version of the SoC. Yet, Embedded World ...

Thunderclap vulnerabilities allow the creation of highly dangerous malicious peripherals that can steal data from OS memory. Windows, Mac, Linux, and FreeBSD systems are all impacted by a new vulnerability that was disclosed this week at the NDSS 2019 security conference. The vulnerability –named Thunderclap– affects the way Thunderbolt-based peripherals are allowed to connect and interact with these operating systems, ...