Language Selection

English French German Italian Portuguese Spanish

Critical Linux Kernel Vulnerability Patched in Ubuntu 19.10 and 18.04.4 LTS

Filed under
Linux
Security
Ubuntu

Discovered by Manfred Paul, the security vulnerability (CVE-2020-8835) was found in Linux kernel’s BPF (Berkeley Packet Filter) verifier, which incorrectly calculated register bounds for certain operations.

This could allow a local attacker to either expose sensitive information (kernel memory) or gain administrative privileges and run programs as root user.

The security issue affects all Ubuntu 19.10 (Eoan Ermine) and Ubuntu 18.04.4 LTS (Bionic Beaver) releases running Linux kernel 5.3 on 64-bit, Raspberry Pi, KVM, as well as cloud environments like AWS, Azure, GCP, GKE, and Oracle Cloud.

Read more

More in Tux Machines

Android Leftovers

Python Programming

  • Add interactivity to your Python plots with Bokeh

    In this series of articles, I'm looking at the characteristics of different Python plotting libraries by making the same multi-bar plot in each one. This time I'm focusing on Bokeh (pronounced "BOE-kay"). Plotting in Bokeh is a little more complicated than in some of the other plotting libraries, but there's a payoff for the extra effort. Bokeh is designed both to allow you to create your own interactive plots on the web and to give you detailed control over how the interactivity works. I'll show this by adding a tooltip to the multi-bar plot I've been using in this series. It plots data from UK election results between 1966 and 2020.

  • Bruteforcing Emails Using a Simple Python Script

    Brute forcing is an essential part of hacking – it is the last resort, it offers hope and sometimes, it just works! Have you ever wanted to code a small script that would bruteforce email servers for you? It is imperative to remember that our brute forcing efforts are only as great as our password list, and as such, the list must be chosen with care. That said, first and foremost, we need to import the two modules we will need from Python.

  • Best Python Game Engines

    To write computer games (us oldies call them video games!), you may be wondering, “Where do I start?” To make a playable game in a decent timeframe while also learning how the program works, you will need a game framework. The framework creates many of the constructs that you will need for your games to function. You do not want to invent these yourself. These include how to draw anything to screen, how to detect a collision, and how to keep the score. Even making things move on the screen is complex without some underlying library. In this article, you will learn about which packages do what and how easy it is to get started on your game.

  • Week 1 Check-in

    During the community bonding period, i am working on the first step of my proposal. I have used shlex to split the shell script into tokens, and then find the seperator(&&|;) to concatenate the commands. After the review from my mentor, we find that we can improve the code. We do not need to split into tokens at first. Instead, we can directly find the seperator(&&|;) to seperate the commands. This will save a lot of time, since we are not going through every word in the shell script.

  • Backing up and restoring Zato Single Sign-On data

    This article presents a procedure for backing up all of Zato Single Sign-On (SSO) data and restoring it later on. A single Zato server with SQLite is used for simplicity reasons but the same principles hold regardless of the size of one's environment or the SQL database used.

  • Attrs, Dataclasses and Pydantic

    Attrs also adds a nice string representation, comparison methods, optional validation and lots of other stuff to your classes, if you want to. You can also opt out of everything; attrs is very flexible. Attrs became so popular, that since Python 3.7 we also have the dataclasses module in the standard library. It is predominantly inspired by attrs (the attrs team was involved in the design of data classes) but has a smaller feature set and will evolve a lot slower. But you can use it out-of-the box without adding a new requirement to your package.

Latest BlackArch Linux ISO Adds More Than 150 New Hacking Tools, Linux 5.6

Coming five months after the previous release, the BlackArch Linux 2020.06.01 ISOs are here packed with more than 150 new tools for all your penetration testing and ethical hacking needs. According to the team, this latest BlackArch Linux ISO a high-quality release, which means that all the included packages have been quality tested and numerous bugs were fixed, including missing dependencies. This is also the first BlackArch Linux release to ship with a newer kernel, namely Linux 5.6. The Linux kernel 5.6.14 is included in the ISO images for better hardware support. Read more

today's howtos