The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It was resolved by Microsoft earlier this […]
Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions – Midgard GPU Kernel Driver: All versions from r12p0 – r32p0 Bifrost GPU Kernel Driver: All versions from r0p0 – […]
In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a “crafty” persistence method. “In this instance, the PoC is a wolf in sheep’s clothing, harboring malicious intent under the guise of a harmless learning tool,” Uptycs researchers […]
A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. “Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates,” Cisco Talos said in an exhaustive two-part report […]
Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date. […]
WinTapix is a driver developed by Microsoft for Windows.Donut is a position-independent shellcode that is used by this driver. It loads.NET Assemblies, PE files, and other Windows payloads from memory and then executes them with arguments. According to the findings of the analysis conducted by Fortinet specialists on the sample, the component in question is […]
A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the […]
This flaw, which has been identified that affects the ksmbd NTLMv2 authentication in the Linux kernel, is known to quickly cause the operating system on Linux-based computers to crash. Namjae Jeon is the developer of KSMBD, which is an open-source In-kernel CIFS/SMB3 server designed for the Linux Kernel. It is an implementation of the SMB/CIFS […]
The use after free vulnerability, which is linked to ksmbd, affects computers running Linux distributions powered by kernels earlier than 5.15.61. This leaves susceptible systems open to cyberattacks from a remote location. SMB servers that have ksmbd enabled are vulnerable to hacking due to a serious vulnerability in the Linux kernel (CVSS score of 10). […]
A recently discovered security flaw in the Linux kernel might be exploited locally by an attacker to get elevated privileges on susceptible computers and run malicious script on such systems. The vulnerability, which has been assigned the tracking number CVE-2022-4139 and received a CVSS score of 7.0, affects impacted Linux kernel stable branches (all of […]
Redhat has just just published a risk advisory about a vulnerability in the Linux Kernel that allows for local privilege escalation. This vulnerability is tracked as CVE-2022-3910 (CVSS score: 7.4). This vulnerability is referred to be a use-after-free problem, and it can be found in io uring on the Update of Reference Count. io uring […]
The local privilege escalation vulnerability in the Linux Kernel was reported by Redhat, and its CVE code is 2022-3977. The problem is that the most recent Linux kernel upstream contains a use-after-free vulnerability called mctp sk unhash that may be exploited to elevate privileges to root. When a program tries to utilize memory that has […]
The Linux kernel WiFi stack has five serious flaws, according to research, which a hacker might use to execute arbitrary code or inflict a denial of service. CVE-2022-42719 The vulnerability, identified as CVE-2022-42719, was brought on by a use-after-free issue in the multi-BSSID element’s ieee802 11 parse elems full function of net/mac80211/util.c. A remote authenticated […]
A security investigator has discovered three new code execution flaws in the Linux kernel that might be exploited by a local or external adversary to take control of the vulnerable computers and run arbitrary code.The roccat_report_event function in drivers/hid/hid-roccat.c has a use-after-free vulnerability identified as CVE-2022-41850 (CVSS score: 8.4). A local attacker might exploit this […]
A critical flaw in the Linux kernel has been identified by a security expert (CVE-2022-2964, CVSS score: 7.8) that an adversary may use to execute arbitrary code. An adversary might utilize the CVE-2022-2964 flaw to run arbitrary code or bring about a DoS attack on the system by delivering a specifically designed request. Currently, security […]
Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is “as nasty as Dirty Pipe.” Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level. “DirtyCred is a kernel exploitation concept that […]
Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems. Dubbed “Dirty Pipe” (CVE-2022-0847, CVSS score: 7.8) by IONOS software developer Max Kellermann, the […]
Cybersecurity specialists report the detection of a severe vulnerability in the Linux kernel whose exploitation would allow threat actors to escape from a container to execute arbitrary commands. The flaw was tracked as CVE-2022-0492 and received a score of 7/10 according to the Common Vulnerability Scoring System (CVSS). The flaw was described as a privilege […]
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be […]
SentinelOne cybersecurity specialists report the detection of CVE-2021-45388, a severe remote code execution (RCE) vulnerability in the KCodes NetUSB kernel module. This is a project employed by numerous hardware vendors to add USB over IP functionality into products such as routers, printers, and storage drives. The vulnerability was identified by researcher Max Van Amerongen during […]
Cybersecurity specialists report the patching of a critical vulnerability in the Transparent Inter Process Communication (TIPC) module, implemented in the Linux kernel to facilitate communication within the cluster through Ethernet or UDP connections. According to the report, successful exploitation of the flaw would allow threat actors to execute arbitrary code on the affected module. In […]