
Most Linux Builds Need an Immediate Patch

By News, Patch Management

An Attacker Could Take Over Impacted Systems With 3 Commands or Less

A security researcher has discovered a highly critical flaw in the X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora.

The flaw, tracked as CVE-2018-14665, was introduced in the X.Org Server 1.19.0 package and remained undetected for almost two years. A local attacker, on the terminal or via SSH, could have exploited it to elevate their privileges on a target system.

The X.Org Foundation has now released X.Org Server version 1.20.3 with security patches to address the issue. Meanwhile, popular distributions such as OpenBSD, Debian, Ubuntu, CentOS, Red Hat, and Fedora have published advisories confirming the issue and are working on patch updates.

All Linux vendors recommend that customers update their operating systems as quickly as possible. Patches that address the vulnerability are available from OS vendors and are now available in Syxsense for immediate deployment.

Our discovery scan will identify every device with an IP address connected to your networks, including Linux devices.

Then, thanks to a comprehensive collection of inventory information, you can easily filter the device view and see which Linux devices need the required updates.

Within minutes you will have identified vulnerable devices and started a strategic remediation. Start a free trial of Syxsense and patch your Linux devices.


Red Hat Vulnerabilities Exposed

By News

Red Hat Linux DHCP Client Vulnerability

Red Hat has been made aware of a couple of flaws in the way the Linux kernel handles exceptions triggered after the POP SS and MOV to SS instructions. These are identified as CVE-2018-8897 and CVE-2018-1087.

These issues could lead to a denial of service (DoS) on unpatched systems.

The second issue, a DHCP vulnerability identified as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. CVE-2018-1111 is rated as a Critical vulnerability, and we recommend that our clients deploy this update as quickly as possible.

The following Red Hat product versions are impacted:

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux Atomic Host
  • Red Hat Enterprise MRG 2
  • Red Hat Virtualization Hypervisor 4
  • Red Hat Enterprise Virtualization Hypervisor 3

Patch Everything

All of the above are available to be patched using Syxsense. It’s critical to take action immediately to protect against these critical vulnerabilities.

Software vulnerabilities for Linux systems are among the top 20 most critical vulnerabilities identified by the FBI and the SANS Institute. Syxsense provides true network security, including Linux OS patching. Manage every threat with the click of a button.
