GNU/Linux CVEs
-
Android, Debian & Ubuntu Top List Of CVE Vulnerabilities In 2016[Ed: while Microsoft lies]
On a CVE basis for the number of distinct vulnerabilities, Android is ranked as having the most vulnerability of any piece of software for 2016 followed by Debian and Ubuntu Linux while coming in behind them is the Adobe Flash Player.
The CVEDetails.com tracking service has compiled a list of software with the most active CVEs. The list isn't limited to just operating systems but all software with Common Vulnerabilities and Exposures.
-
Using systemd for more secure services in Fedora
The AF_PACKET local privilege escalation (also known as CVE-2016-8655) has been fixed by most distributions at this point; stable kernels addressing the problem were released on December 10. But, as a discussion on the fedora-devel mailing list shows, systemd now provides options that could help mitigate CVE-2016-8655 and, more importantly, other vulnerabilities that remain undiscovered or have yet to be introduced. The genesis for the discussion was a blog post from Lennart Poettering about the RestrictAddressFamilies directive, but recent systemd versions have other sandboxing features that could be used to head off the next vulnerability.
Fedora project leader Matthew Miller noted the blog post and wondered if the RestrictAddressFamilies directive could be more widely applied in Fedora. That directive allows administrators to restrict access to the network address families a service can use. For example, most services do not require the raw packet access that AF_PACKET provides, so turning off access to that will harden those services to some extent. But Miller was also curious if there were other systemd security features that the distribution should be taking advantage of.
- Login or register to post comments
- Printer-friendly version
- 1897 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago