Para peneliti Qualys telah mengidentifikasi cacat logika pada kernel Linux yang memungkinkan pengguna lokal tanpa hak akses untuk mengungkapkan file sensitif dan menjalankan perintah arbitrer sebagai root.
Kerentanan ini memengaruhi instalasi default dari beberapa distribusi Linux utama. Unit Riset Ancaman Qualys menemukan masalah ini dan merincinya dalam sebuah posting blog yang diterbitkan pada hari Jumat.
Dilaporkan oleh AI Gambar dihasilkan oleh AI
A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.
A security researcher has disclosed Dirty Frag, a new Linux kernel exploit that allows local users to gain root privileges. The flaw affects major distributions and remains unpatched on most systems despite earlier fixes for a similar issue.
Dilaporkan oleh AI
A new Linux local privilege escalation vulnerability known as Fragnesia has been made public. The flaw is described as similar to Dirty Frag and involves an ESP/XFRM logic bug.
A newly published zero-day exploit allows attackers with physical access to bypass BitLocker encryption on Windows 11 devices in seconds. The attack, named YellowKey, targets the default TPM-only configuration and grants full access to encrypted drives via a simple USB-based method.
Dilaporkan oleh AI
Greg Kroah-Hartman, maintainer of the Linux kernel, stated that AI-driven code review tools have become genuinely useful. He told The Register that the technology reached an inflection point about a month ago, leading to actionable bug reports.