New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems
Red Hat develops enterprise Linux and related software, making its security advisories, patches, and vulnerabilities relevant to systems that rely on them.
Search across headline titles and summaries.
Background for this topic.
Red Hat is the publisher and maintainer of enterprise open-source platforms, chiefly Red Hat Enterprise Linux (RHEL), Red Hat OpenShift for containerized applications, and Red Hat Satellite for system management. RHEL commonly provides SELinux, a mandatory access-control system that restricts processes according to policy, while Red Hat’s signed packages, security errata, and defined support lifecycles help organizations maintain controlled software baselines.
Security teams track Red Hat security advisories and apply the relevant updates across RHEL hosts, virtual machines, and images; delayed patching can leave known flaws exploitable, while version and support status affect remediation options. Satellite can centralize repository and patch governance, but it must itself be secured. OpenShift adds Kubernetes-specific exposure: overly broad role permissions, exposed management interfaces, insecure container images, and misconfigured secrets can expand an application’s attack surface. SELinux and platform defaults reduce risk only when policies, access controls, image sources, and audit data are reviewed and maintained.
Weekly headline count for the current query.
A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems
A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm
A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU)