Tag Archives: Linux

July Linux Patch Wednesday

1 Reply

July Linux Patch Wednesday

July Linux Patch Wednesday. This time, there are 470 vulnerabilities, slightly fewer than in June. Of these, 291 are in the Linux Kernel. One vulnerability shows signs of being exploited in the wild (CISA KEV):

🔻 SFB – Chromium (CVE-2025-6554)

There are also 36 (❗️) vulnerabilities for which public exploits are available or suspected to exist. Notable among them:

🔸 RCE – Redis (CVE-2025-32023), pgAdmin (CVE-2024-3116), Git (CVE-2025-48384)
🔸 EoP – Sudo (CVE-2025-32462, CVE-2025-32463)
🔸 PathTrav – Tar (CVE-2025-45582)
🔸 XSS – jQuery (CVE-2012-6708)
🔸 SFB – PHP (CVE-2025-1220)
🔸 DoS – LuaJIT (CVE-2024-25177), Linux Kernel (CVE-2025-38089)
🔸 MemCor – DjVuLibre (CVE-2025-53367)

🗒 Full Vulristics report

На русском

June Linux Patch Wednesday

2 Replies

June Linux Patch Wednesday

June Linux Patch Wednesday. This time, there are 598 vulnerabilities, almost half as many as in May. Of these, 355 are in the Linux Kernel. There are signs of exploitation in the wild for 3 vulnerabilities (CISA KEV).

🔻 SFB – Chromium (CVE-2025-2783)
🔻 MemCor – Chromium (CVE-2025-5419)
🔻 CodeInj – Hibernate Validator (CVE-2025-35036). This vulnerability is exploited in attacks on Ivanti EPMM (CVE-2025-4428).

Additionally, for 40 (❗️) vulnerabilities public exploits are available or there are signs of their existence. Notable among them are:

🔸 RCE – Roundcube (CVE-2025-49113)
🔸 EoP – libblockdev (CVE-2025-6019)
🔸 DoS – Apache Tomcat (CVE-2025-48988), Apache Commons FileUpload (CVE-2025-48976)
🔸 InfDisc – HotelDruid (CVE-2025-44203)
🔸 DoS – ModSecurity (CVE-2025-47947)

🗒 Full Vulristics report

На русском

May

1 Reply

May

May Linux Patch Wednesday. This time: 1091 vulnerabilities. Of those, 716 are in the Linux Kernel. 🤯 5 vulnerabilities are exploited in the wild:

🔻 RCE – PHP CSS Parser (CVE-2020-13756). In AttackerKB, an exploit exists.
🔻 DoS – Apache ActiveMQ (CVE-2025-27533). In AttackerKB, an exploit exists.
🔻 SFB – Chromium (CVE-2025-4664). In CISA KEV.
🔻 PathTrav – buildkit (CVE-2024-23652) and MemCor – buildkit (CVE-2024-23651). In BDU FSTEC.

For 52 (❗️) more, there are signs of existing public exploits. Two trending vulnerabilities I’ve mentioned before::

🔸 RCE – Kubernetes “IngressNightmare” (CVE-2025-1974 and 4 others)
🔸 RCE – Erlang/OTP (CVE-2025-32433)

Exploits for these are also notable:

🔸 EoP – Linux Kernel (CVE-2023-53033)
🔸 XSS – Horde IMP (CVE-2025-30349)
🔸 PathTrav – tar-fs (CVE-2024-12905)
🔸 SFB – kitty (CVE-2025-43929)
🔸 DoS – libxml2 (CVE-2025-32414)

🗒 Full Vulristics report

На русском

April Linux Patch Wednesday

Leave a reply

April Linux Patch Wednesday

April Linux Patch Wednesday. Total vulnerabilities: 251. 👌 164 in the Linux Kernel. No vulnerabilities show signs of being exploited in the wild. There are 7 vulnerabilities that appear to have publicly available exploits.

For 2 vulnerabilities, exploit code with detailed explanation is available on GitHub. Both were first patched in RedOS packages:

🔸 SQL injection – Exim (CVE-2025-26794)
🔸 Code Injection – MariaDB (CVE-2023-39593)

For the Memory Corruption – Mozilla Firefox (CVE-2025-3028), the NVD states the exploit code is in Mozilla’s bug tracker, but access is restricted. 🤷‍♂️

BDU FSTEC reports public exploits for 4 vulnerabilities:

🔸 Information Disclosure – GLPI (CVE-2025-21626)
🔸 Security Feature Bypass – GLPI (CVE-2025-23024)
🔸 Denial of Service / Remote Code Execution – Perl (CVE-2024-56406)
🔸 Memory Corruption – Libsoup (CVE-2025-32050)

🗒 Full Vulristics report

На русском

March episode “In the Trend of VM” (#13): vulnerabilities of Microsoft, PAN-OS, СommuniGate and who should patch hosts with deployed application

Leave a reply

March episode “In the Trend of VM” (#13): vulnerabilities of Microsoft, PAN-OS, СommuniGate and who should patch hosts with deployed application. I’m posting the translated video with a big delay, but it’s better than never. 😉

📹 Video on YouTube and LinkedIn
🗞 Post on Habr (rus)
🗒 Digest on the PT website

Content:

🔻 00:00 Greetings
🔻 00:31 Elevation of Privilege – Windows Ancillary Function Driver for WinSock (CVE-2025-21418)
🔻 01:12 Elevation of Privilege – Windows Storage (CVE-2025-21391)
🔻 01:53 Authentication Bypass – PAN-OS (CVE-2025-0108)
🔻 03:09 Remote Code Execution – CommuniGate Pro (BDU:2025-01331)
🔻 04:27 The VM riddle: who should patch hosts with a deployed application?
🔻 07:11 About the digest of trending vulnerabilities

На русском

March Linux Patch Wednesday

Leave a reply

March Linux Patch Wednesday

March Linux Patch Wednesday. Total vulnerabilities: 1083. 😱 879 in the Linux Kernel. 🤦‍♂️ Two vulnerabilities show signs of exploitation in the wild:

🔻 Code Injection – GLPI (CVE-2022-35914). An old vulnerability from CISA KEV, but first patched on March 3 in RedOS Linux.
🔻 Memory Corruption – Safari (CVE-2025-24201). Fixed in WebKitGTK packages in Linux repositories.

There are 19 vulnerabilities with publicly available exploits. Notable ones:

🔸 Remote Code Execution – Apache Tomcat (CVE-2025-24813)
🔸 Command InjectionSPIP (CVE-2024-8517)
🔸 Memory CorruptionAssimp (CVE-2025-2152)
🔸 Memory Corruption – libxml2 (CVE-2025-27113)

The Elevation of Privilege vulnerability in the Linux Kernel (CVE-2022-49264) has no public exploit yet. However, it resembles well-known PwnKit (CVE-2021-4034).

🗒 Full Vulristics report

На русском

February Linux Patch Wednesday

Leave a reply

February Linux Patch Wednesday

February Linux Patch Wednesday. There are 561 vulnerabilities in total. 338 in Linux Kernel. Formally, there is one vulnerability with a sign of exploitation in the wild: RCE – 7-Zip (CVE-2025-0411). But it is about Windows MoTW and, naturally, is not exploitable on Linux.

There are public exploits for 21 vulnerabilities.

Among them there are 5 Cacti vulnerabilities:

🔸 RCE – Cacti (CVE-2025-24367)
🔸 Command Injection – Cacti (CVE-2025-22604)
🔸 SQLi – Cacti (CVE-2024-54145, CVE-2025-24368)
🔸 Path Traversal – Cacti (CVE-2024-45598)

2 OpenSSH vulnerabilities discovered by Qualys:

🔸 DoS – OpenSSH (CVE-2025-26466)
🔸 Spoofing/MiTM – OpenSSH (CVE-2025-26465)

Of the rest, the most interesting are:

🔸 RCE – Langchain (CVE-2023-39631), Snapcast (CVE-2023-36177), Checkmk (CVE-2024-13723),
🔸 EoP – Linux Kernel (CVE-2024-50066)
🔸 SQLi – PostgreSQL (CVE-2025-1094)
🔸 XSS – Checkmk (CVE-2024-13722), Thunderbird (CVE-2025-1015)

🗒 Full Vulristics report

На русском