The Linode Security Team

This week, we summarize a security vulnerability in the lelastic tool and recently discovered Panchan malware.

This week, we summarize Verizon’s Data Breach Investigation report for 2022 and a critical severity vulnerability in Confluence.

This week, we discuss issues and vulnerabilities discovered in open source projects including one within the Linux kernel netfilter subsystem.

This week, we discus a race condition in the Linux Perf subsystem, denial of service in BIND, and a Risk Assessment Calculator.

This week, we discuss high-severity vulnerabilities in Rubygems and Rsyslogs as well as the importance of defining secure coding practices.

This week, we discuss a Linux privilege escalation issue and vulnerabilities related to Rancher and Redis.

This week, we cover a Jira Security Advisory and other high-severity vulnerabilities in Java and Kubernetes’ ingress-nginx module. 

We discuss a vulnerability in GNU gzip's zgrep utility, new GitHub functionality that expands visibility into supply chain bugs, and more.

This week, we discuss Linux kernel and LDAP server vulnerabilities and a zero-day in a popular Java framework.

This week, we discuss a few high-severity vulnerabilities in Linux kernel, Apache, and openssl.

This week, we discuss high-severity vulnerabilities in the Linux kernel including the Dirty Pipe vulnerability.

This week, we discuss critical vulnerabilities in multiple products and services including Apache Cassandra, Redis, and more.