Wednesday , March 26 2025
Linux

126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems

infosecbulletin Tuesday , January 21 2025 Uncategorized

Ubuntu 22.04 LTS users are advised to update their systems right away due to a crucial security patch from Canonical that fixes critical vulnerabilities in the Linux kernel for Xilinx ZynqMP processors.

The Linux kernel for Xilinx Zynq UltraScale+ MPSoC is customized to support the features and hardware of these processors.

Micropatches released for Windows zero-day leaking NTLM hashes

By infosecbulletin / Wednesday , March 26 2025
Unofficial patches are available for a new Windows zero-day vulnerability that allows remote attackers to steal NTLM credentials by deceiving...
Read More
Micropatches released for Windows zero-day leaking NTLM hashes

VMware Patches Authentication Bypass Flaw in Windows Tool

By infosecbulletin / Wednesday , March 26 2025
On Tuesday, VMware issued an urgent fix for a security flaw in its VMware Tools for Windows. CVE-2025-22230 allows a...
Read More
VMware Patches Authentication Bypass Flaw in Windows Tool

IngressNightmare
Over 40% of cloud environments are vulnerable to RCE

By infosecbulletin / Tuesday , March 25 2025
Kubernetes users of the Ingress NGINX Controller are advised to fix four newly found remote code execution ( RCE) vulnerabilities,...
Read More
IngressNightmare Over 40% of cloud environments are vulnerable to RCE

(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass

By infosecbulletin / Tuesday , March 25 2025
Next.js, a widely used React framework for building full-stack web applications, has fixed a serious security vulnerability. Used by many...
Read More
(CVE-2025-29927) Urgently Patch Your Next.js for Authorization Bypass

Oracle refutes breach after hacker claims 6 million data theft

By infosecbulletin / Sunday , March 23 2025
A hacker known as “rose87168” claims to have stolen six million records from Oracle Cloud servers. The stolen data includes...
Read More
Oracle refutes breach after hacker claims 6 million data theft

Russian zero-day seller to offer up to $4 million for Telegram exploits

By infosecbulletin / Saturday , March 22 2025
Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits. They seek $500K for one-click...
Read More
Russian zero-day seller to offer up to $4 million for Telegram exploits

Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack

By infosecbulletin / Friday , March 21 2025
Threat actors are exploiting a component of CheckPoint's ZoneAlarm antivirus to bypass Windows security measures. Nima Bagheri, a security researcher...
Read More
Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack

IBM and Veeam Release Patches in AIX System and Backup

By infosecbulletin / Friday , March 21 2025
IBM has resolved two critical vulnerabilities in its AIX operating system that could allow command execution. The list of shortcomings,...
Read More
IBM and Veeam Release Patches in AIX System and Backup

WhatsApp patched zero-click flaw exploited in spyware attacks

By infosecbulletin / Wednesday , March 19 2025
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon's Graphite spyware following reports from security researchers at the...
Read More
WhatsApp patched zero-click flaw exploited in spyware attacks

CVE-2025-24472
CISA Warns of Fortinet FortiOS Auth Bypass Vuln Exploited in Wild

By infosecbulletin / Wednesday , March 19 2025
CISA has issued a critical alert about a critical vulnerability in Fortinet’s FortiOS and FortiProxy systems. CVE-2025-24472, an authentication bypass...
Read More
CVE-2025-24472 CISA Warns of Fortinet FortiOS Auth Bypass Vuln Exploited in Wild

These processors feature a quad-core ARM Cortex-A53 (64-bit) application processor, a dual-core ARM Cortex-R5 (32-bit) real-time processor, an ARM Mali-400 GPU, and programmable logic (FPGA).

The Linux kernel is a strong foundation for embedded and general-purpose applications on devices. If unpatched, these flaws could let attackers gain unauthorized access or disrupt systems.

“Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system”.

The patch fixes hundreds of CVEs across various subsystems, architectures, drivers, and protocols. A full list of fixed CVEs can be found in the official security notice.

The new Linux kernel update brings important security fixes and performance enhancements across several subsystems:

Architectures: Updates for ARM32, x86, RISC-V, and S390.
File Systems: Enhanced security and performance for BTRFS, Ext4, GFS2, Ceph, NFS, JFS, and F2FS.
Drivers: Fixes for GPU, USB, Bluetooth, GPIO, Ethernet bonding, and InfiniBand drivers.
Networking: Improvements to TCP, SCTP, IPv4, IPv6, Netfilter, and more.
Security Frameworks: Updates for SELinux and access control modules.
Core Components: Optimizations for memory management and tracing infrastructure.

Source: Ubuntu

Ubuntu has released security updates for vulnerabilities in other systems, along with subsystem updates.

Source: Ubuntu
The vulnerabilities impact various subsystems in the Linux kernel, highlighting their complexity. For the complete list, refer to the Ubuntu Security Notice (USN-7166-4). Canonical has released a kernel update for the linux-xilinx-zynqmp package, version 5.15.0-1039.43. Users should check their current version and upgrade to enhance system security.

Check Also

NVIDIA

NVIDIA Issues Warning of Multiple Vulnerabilities

NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin