Category: Linux
-
Bootkitty UEFI bootkit malware for Linux
Bootkitty is an advanced bootkit targeting Linux systems; it compromises the Unified Extensible Firmware Interface (UEFI) to achieve persistence and control over the boot process. Bootkitty exploits the Linux security vulnerability (CVE-2023-40238), known as LogoFAIL, to infect computers running vulnerable UEFI firmware. Key Features of Bootkitty on Linux: Detection and…
-
NVIDIA security vulnerability (CVE-2024-0126)
CVE-2024-0126 is a high-severity vulnerability affecting NVIDIA GPU Display Drivers for Windows and Linux. It stems from improper input validation (CWE-20) and could allow a privileged attacker to escalate permissions. Exploiting this vulnerability might lead to various outcomes, including arbitrary code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Affected versions…
-
Red Hat Linux security vulnerability (CVE-2024-10041)
CVE-2024-10041 is a vulnerability in the Pluggable Authentication Module (PAM) affecting Linux systems. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This…
-
NVIDIA security vulnerability (CVE-2024-0132)
CVE-2024-0132 is a critical vulnerability in NVIDIA Container Toolkit (versions 1.16.1 and earlier) and NVIDIA GPU Operator (versions 24.6.1 and earlier). It is classified as a Time-of-Check Time-of-Use (TOCTOU) issue, which could allow an attacker to exploit a flaw in how the container runtime accesses resources, potentially gaining access to the host file system through…