Linux vulnerability news Ubuntu 24. A severe, unauthenticated remote code execution (RCE) flaw has been discovered in GNU Linux systems. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation. 6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network May 31, 2024 · The U. Dec 9, 2024 · This vulnerability exploits a type confusion condition caused by insufficient validation of user-supplied data within nftables. This bug, now identified as CVE-2024-36904, highlights the persistent risks in widely used open-source software. S. Top 10 Riskiest Linux Vulnerabilities. Popular Linux distros such as Debian and Ubuntu seem to be particularly vulnerable Mar 29, 2024 · The malicious versions, researchers said, intentionally interfere with authentication performed by SSH, a commonly used protocol for connecting remotely to systems. Auto-color then proceeds to contact a C2 server, granting the operator the ability to spawn a reverse shell, gather system information, create or modify files, run programs, use the machine as a proxy for communication between a remote IP address and a specific target IP Feb 5, 2025 · CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. btnsy ivmkn ryonui hvthx qqgmux msbo ugpszyn owym nbmfcsbyt tmow