Multiple vulnerabilities found in Linux USB drivers that included with Linux kernel USB subsystem. It can be triggered by an attacker who has a physical access to the machine. These bugs allow attackers to induce a denial of service and to insert malicious scripts or to escalate privileges if they get physical access. All the […]
The general perception of the public is that Linux and macOS operating systems are far more secure as compared to Windows. While this notion holds true in most cases, it won’t be sensible to reject any possibility of exploit. Recently, a Google security researcher, Andrey Konovalov, uncovered a number of Linux vulnerabilities. Konovalov found these […]
kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts. Requirementspython3 Currently supported CVE’s: *CVE-2017-1000367 *CVE-2017-1000112 *CVE-2017-7308 *CVE-2017-6074 *CVE-2017-5123 *CVE-2016-5195 *CVE-2016-2384 *CVE-2016-0728 *CVE-2015-7547 *CVE-2015-1328 *CVE-2014-4699 *CVE-2014-4014 *CVE-2014-3153 *CVE-2014-0196 *CVE-2009-1185 Run modes default mode The default mode runs with the command python3 kernelpop.py. This processes information about the host kernel […]
Diamorphine is a LKM rootkit for Linux Kernels 2.6.x/3.x/4.x Features When loaded, the module starts invisible; Hide/unhide any process by sending a signal 31; Sending a signal 63(to any pid) makes the module become (in)visible; Sending a signal 64(to any pid) makes the given user become root; Files or directories starting with the MAGIC_PREFIX become […]
Any discussion involving the open source software cannot be completed without the mention of Linux kernel. This collaborative effort has become one of the most popular and successful open source development projects. If we talk about the current state, the Linux operating system runs 90% of the public cloud, has 62% embedded market share, and […]
The development team at NetBSD is going to implement the KASLR (kernel Address Space Layout Randomisation) for 64-bit AMD processors. The KASLR coding technique allows randomizing the location of memory where the NetBSD kernel is loaded. The ASRL technique is widely adopted as a security measure to protect applications from the exploitation of vulnerabilities like buffer overflow because […]
Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab (Active-Defense Lab) researchers, the Linux kernel vulnerability (CVE-2017-15265) is due to a use-after-free memory error in the Advanced Linux Sound Architecture (ALSA) sequencer interface […]
Cisco issued a security advisory on a local privilege escalation vulnerability in the Linux Kernel, patch it as soon as possible. On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory error […]
Patch diffing is a common technique of comparing two binary builds of the same code – a known-vulnerable one and one containing a security fix. It is often used to determine the technical details behind ambiguously-worded bulletins, and to establish the root causes, attack vectors and potential variants of the vulnerabilities in question. The approach […]
After each major release, Apple is known to share the macOS kernel code. Apple releases a small bit of Darwin code every year, probably, because it’s based on tons of open source technologies. iOS mobile operating system is also built on the macOS foundation, and they share the common Unix-based Darwin core code. Even though you could […]
Linux kernel Long Term Support (LTS) releases are “longterm maintenance” releases that currently come with 2 years of support for the purpose backporting bug and security fixes. The usual Linux kernel releases arrive after about every 7-8 weeks. This free and open source kernel serves as the base for most of the devices, including millions […]
According to security researchers, there is a decade old bug in Windows kernel that can be easily exploited to prevent security apps from identifying malicious programs loaded at runtime. The bug is so old that it dates back to Windows 2000 and is found in all the subsequent Windows OS versions including the most recent […]
Last week, we celebrated the release of Linux kernel 4.13, which is the latest version shipped by Linux boss Linus Torvalds. Linux 4.13 features initial Cannonlake support, AMD Raven Ridge support, changes in the default cifs behaviour, etc. You can read our dedicated Linux kernel 4.13 features article to know more. The road to this […]
Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime. The bug affects PsSetLoadImageNotifyRoutine, one of the low-level mechanisms some security solutions use to identify when code has been loaded into the kernel or user space. The problem […]
Update (7th September, 2017): Linux kernel developer Greg Kroah-Hartman has confirmed on his blog that Linux kernel 4.14 will be the next LTS kernel branch, which will be supported with stable kernel patch backports for at least 2 years. You can find the announcement here. Also, don’t forget to read about the best features of Linux […]
Linux kernel 4.12 was released in early July, which was the second biggest release in terms of commits. It came with the support for new AMD Vega graphics support. Following Linux kernel 4.12, Linux boss Linus Torvalds has released Linux kernel 4.13 after seven release candidates. The Linux Kernel Mailing List announcement of kernel 4.13 […]
For those of you who are not interested in iOS research and would like to protect themselves against these vulnerabilities, we urge you to update your iOS device to the latest version. Without an advanced mobile security and mitigation solution on the device (such as Zimperium zIPS), there’s little chance a user would notice any malicious […]
If you search Linux kernel today and look for Linux mascot Tux on the search result page, you’ll notice something unusual. The Google card showed along with the results features a little distorted logo of Tux (Read Tux origin story here). Why is it so? Is our beloved Tux not feeling okay? Before going ahead […]
Short Bytes: Linux kernel 4.12, which was released on July 2nd, 2017, brought along many hardware improvements. If you are willing to try out those improvements, you can install Linux kernel 4.12 in Ubuntu or Linux Mint. You can either use Terminal to download .deb packages and install them manually or you can use Ukuu […]
A new feature added in test snapshots for OpenBSD releases will create a unique kernel every time an OpenBSD user reboots or upgrades his computer. This feature is named KARL — Kernel Address Randomized Link — and works by relinking internal kernel files in a random order so that it generates a unique kernel binary […]
Short Bytes: After the usual development process involving seven release candidates, Linus Torvalds has released Linux kernel 4.12. Regarding commits, probably, it’s the second biggest kernel release. The most significant feature of kernel 4.12 is the support for new AMD Vega graphics processors. You can go ahead and download the Linux kernel 4.12 tarball from […]