تم الإعلان عن ثغرة أمنية جديدة في نظام لينكس تتيح تصعيد الصلاحيات محلياً وتُعرف باسم Fragnesia. توصف هذه الثغرة بأنها مشابهة لثغرة Dirty Frag وتتعلق بخلل في منطق ESP/XFRM.
تسمح الثغرة بكتابة بايتات عشوائية في ذاكرة التخزين المؤقت لنواة النظام للملفات ذات صلاحية القراءة فقط. قد تتيح هذه القدرة للمهاجمين المحليين الحصول على صلاحيات مرتفعة في الأنظمة المتأثرة.
من إعداد الذكاء الاصطناعي صورة مولدة بواسطة الذكاء الاصطناعي
A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.
A security researcher has disclosed Dirty Frag, a new Linux kernel exploit that allows local users to gain root privileges. The flaw affects major distributions and remains unpatched on most systems despite earlier fixes for a similar issue.
من إعداد الذكاء الاصطناعي
NVIDIA engineer Sasha Levin has proposed a new mechanism for the Linux kernel that would let administrators quickly disable flawed functions on live systems. The patch, called killswitch, aims to mitigate privilege escalation risks without waiting for full fixes. It remains under review on the Linux Kernel Mailing List.
A new variant of the SysUpdate malware has been discovered targeting Linux systems, featuring advanced encryption for command-and-control communications. Security researchers at LevelBlue identified the threat during a digital forensics engagement and developed a tool to decrypt its traffic. The malware disguises itself as a legitimate system service to evade detection.