Kali Linux adds VM-like snapshot feature to bare-metal installs
Offensive Security has announced its implementation of a file system snapshot in Kali Linux, a feature designed to add VM-like snapshotting to bare-metal installs. [...]
Linux is an open-source operating system used across servers and devices, so kernel, distribution, and software vulnerabilities can affect deployed systems.
Search across headline titles and summaries.
Background for this topic.
Linux is an open-source operating-system kernel: privileged software that manages hardware, memory, processes, filesystems, and networking. Most deployments use it through a distribution that adds user-space tools, package managers, libraries, and an update policy. This distinction matters in security reporting: a kernel flaw, a distribution-package flaw, and a flaw in an application running on Linux may have different affected versions and fixes.
Material attack surfaces include kernel code, loadable modules and device drivers, network services, local privilege boundaries, and third-party packages. Vulnerabilities can enable denial of service, information disclosure, or escalation from an unprivileged account to root, depending on configuration and exploitability. Administrators should track upstream and distribution advisories, apply security updates, and reboot when a running kernel remains vulnerable. Mandatory access-control systems such as SELinux or AppArmor can restrict compromised processes; signed repositories, audit logs, and tested configuration baselines support package integrity and investigation. Open source does not itself guarantee security: exposure depends on code, configuration, maintenance, and the surrounding software stack.
Offensive Security has announced its implementation of a file system snapshot in Kali Linux, a feature designed to add VM-like snapshotting to bare-metal installs. [...]
Latest episode - listen now!
Even read-only files can be written to, leading to a dangerously general purpose elevation-of-privilege attack.
A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel.
New discovery could give attackers full control over a targeted system
Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems
Plus: Adafruit customer data leak fallout, infosec burnout, and more A Linux local privilege escalation flaw dubbed Dirty Pipe has been discovered and disclosed along with proof-of-concept exploit code.…
A new Linux vulnerability known as 'Dirty Pipe' allows local users to gain root privileges through publicly available exploits. [...]