Linux botnet exploits Log4j flaw to pwn Arm, x86 systems
On a plus side, their code's not very good A new Linux botnet is using the infamous Log4j vulnerability to install rootkits and steal data.…
Linux is an open-source operating system used across servers and devices, so kernel, distribution, and software vulnerabilities can affect deployed systems.
Search across headline titles and summaries.
Background for this topic.
Linux is an open-source operating-system kernel: privileged software that manages hardware, memory, processes, filesystems, and networking. Most deployments use it through a distribution that adds user-space tools, package managers, libraries, and an update policy. This distinction matters in security reporting: a kernel flaw, a distribution-package flaw, and a flaw in an application running on Linux may have different affected versions and fixes.
Material attack surfaces include kernel code, loadable modules and device drivers, network services, local privilege boundaries, and third-party packages. Vulnerabilities can enable denial of service, information disclosure, or escalation from an unprivileged account to root, depending on configuration and exploitability. Administrators should track upstream and distribution advisories, apply security updates, and reboot when a running kernel remains vulnerable. Mandatory access-control systems such as SELinux or AppArmor can restrict compromised processes; signed repositories, audit logs, and tested configuration baselines support package integrity and investigation. Open source does not itself guarantee security: exposure depends on code, configuration, maintenance, and the surrounding software stack.
On a plus side, their code's not very good A new Linux botnet is using the infamous Log4j vulnerability to install rootkits and steal data.…
QNAP's disclosure this week is the latest reminder of the potentially wide impact of privilege escalation flaw in the Linux kernel.
A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. [...]
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits
The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s network-attached storage (NAS) appliances, the Taiwanese manufacturer warned on Monday. Dirty Pipe, a recently reported local privilege escalation vulnerability, affects the Linux kernel on QNAP […]
Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges. [...]
Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems
A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic