Linux & Open Source News

Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube webmail vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, this issue is a persistent cross-site...

A race condition vulnerability usually occurs in concurrent or multi-threaded programs where multiple processes or threads access shared resources without proper synchronization. Unpredictable outcomes like data corruption, system crashes, or...

Multiple vulnerabilities were discovered in FreeImage, an open-source support library for graphic image formats. These vulnerabilities, when left unaddressed, could potentially lead to denial of service attacks. On 16th January...

Squid is a powerful tool for caching proxy for the web, but like any software, it is not immune to vulnerabilities. Several security vulnerabilities have been discovered that could potentially...

Several vulnerabilities were discovered in libde265, an Open H.265 video codec implementation. These vulnerabilities could result in denial of service and potentially the execution of arbitrary code if a specially...

A set of critical security vulnerabilities has been found in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification. Named PixieFail...

Google-owned Mandiant has uncovered a new malware exploiting vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. These malwares have been utilized by several threat groups, including the China-nexus...

A new variant of the sophisticated botnet “FritzFrog” has emerged, leveraging the Log4Shell vulnerability for propagation. Despite more than two years passing since the Log4j flaw was discovered, attackers continue...

GitLab has recently released important patches to fix a critical security vulnerability affecting both its Community Edition (CE) and Enterprise Edition (EE). The flaw, identified as CVE-2024-0402, carries a CVSS...

As a fundamental element of nearly every Linux-based system, the GNU C Library, or glibc, acts as a core library connecting applications with the Linux kernel. It provides essential functions...

Mozilla released the new version of its popular browser, Firefox 122, on January 23, 2024. It came 1 month and 5 days after the previous Firefox 121 and brings several...

The Ubuntu security team has recently released Ubuntu kernel updates to address several high-severity Linux kernel vulnerabilities. The affected operating systems include Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 23.10,...