Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros

March 30, 2024 at 01:51AM Red Hat issued an urgent security alert about backdoored versions of the XZ Utils data compression library, impacting versions 5.6.0 and 5.6.1. The compromised code interferes with the sshd daemon process and could allow unauthorized remote access under specific circumstances. Microsoft researcher Andres Freund discovered the issue, prompting GitHub to disable …

Malicious backdoor sneaks into xz, Linux world’s data compression library and tool

March 29, 2024 at 06:05PM Red Hat has warned about a backdoor in the xz compression library affecting Fedora Linux 40, 41, and Rawhide. The vulnerability, rated 10/10 in severity, provides remote backdoor access and interferes with sshd authentication. Users are advised to stop using Fedora Rawhide instances. Red Hat Enterprise Linux (RHEL) is not …

Red Hat warns of backdoor in XZ tools used by most Linux distros

March 29, 2024 at 01:55PM Red Hat issues an urgent warning regarding a backdoor discovered in the latest XZ Utils data compression tools and libraries in Fedora development versions. The malicious code, assigned a 10/10 critical severity score, compromises sshd authentication, potentially allowing unauthorized remote system access. Users are advised to revert to an uncompromised version and monitor …

Linux Distros Hit By RCE Vulnerability in Shim Bootloader

February 7, 2024 at 05:23PM Major Linux distros, including Red Hat, Ubuntu, Debian, and SUSE, are affected by a remote code execution vulnerability in Linux shim (CVE-2023-40547). The flaw allows attackers to take full control of affected systems during the secure boot process. Red Hat has issued an update to address the most severe of …

Critical flaw in Shim bootloader impacts major Linux distros

February 7, 2024 at 10:57AM A critical vulnerability in the Shim Linux bootloader allows attackers to execute code and take control of a system before the kernel loads, bypassing existing security measures. The flaw, known as CVE-2023-40547, was identified by Microsoft’s Bill Demirkapi. It can be exploited through various attack points and affects Linux distributions …