Overview It’s the end of the year for official duties for the Ubuntu Security team so wetake a look back on the security highlights of 2024 for Ubuntu and predict what is coming in 2025. 2024 Year in Review for Ubuntu Security (00:55) full-disclosure necromancy with zombie CVEs full-disclosure spammed with zombie CVEs from Episode 217 Development o…

Overview This week we dive into the details of a number of local privilege escalationvulnerablities discovered by Qualys in the needrestart package, covering topicsfrom confused deputies to the inner workings of the /proc filesystem andresponsible disclosure as well. Deep dive into needrestart local privilege escalation vulnerabilities https://blog…

Overview This week we take a deep dive into the latest Linux malware, GoblinRAT to lookat how malware is evolving to stay stealthy and evade detection and how malwareauthors are learning from modern software development along the way. GoblinRAT Linux Malware teardown https://rt-solar.ru/solar-4rays/blog/4861/ Solar 4RAYS team (Cyber Threat Research…

Overview For the third and final part in our series for Cybersecurity Awareness Month,Alex is again joined by Luci as well as Diogo Sousa to discuss future trends incybersecurity and the likely threats of the future. Get in contact [email protected] #ubuntu-security on the Libera.Chat IRC network ubuntu-hardened mailing list Security section on d…

Overview In the second part of our series for Cybersecurity Awareness Month, Luci is backwith Alex, along with Eduardo Barretto to discuss our top cybersecurity bestpractices. Get in contact [email protected] #ubuntu-security on the Libera.Chat IRC network ubuntu-hardened mailing list Security section on discourse.ubuntu.com @ubuntusecurity@fosst…

Overview For the first in a 3-part series for Cybersecurity Awareness month, LuciStanescu joins Alex to discuss the recent CUPS vulnerabilities as well as theevolution of cybersecurity since the origin of the internet. Get in contact [email protected] #ubuntu-security on the Libera.Chat IRC network ubuntu-hardened mailing list Security section on…

Overview John and Maximé have been talking about Ubuntu’s AppArmor user namespacerestrictions at the the Linux Security Summit in Europe this past week, plus wecover some more details from the official announcement of permission promptingin Ubuntu 24.10, a new release of Intel TDX for Ubuntu 24.04 LTS and more. This week in Ubuntu Security Updates …

Overview The long awaited preview of snapd-based AppArmor file prompting is finallyseeing the light of day, plus we cover the recent 24.04.1 LTS release and thepodcast officially moves to a fortnightly cycle. This week in Ubuntu Security Updates 45 unique CVEs addressed [USN-6972-4] Linux kernel (Oracle) vulnerabilities 18 CVEs addressed in Xenial …

Overview A recent Microsoft Windows update breaks Linux dual-boot - or does it? This weekwe look into reports of the recent Windows patch-Tuesday update breakingdual-boot, including a deep-dive into the technical details of Secure Boot,SBAT, grub, shim and more, plus we look at a vulnerability in GNOME Shell andthe handling of captive portals as we…

Overview This week we take a deep dive behind-the-scenes look into how the team handled arecent report from Snyk’s Security Lab of a local privilege escalationvulnerability in wpa_supplicant plus we cover security updates in PrometheusAlertmanager, OpenSSL, Exim, snapd, Gross, curl and more. This week in Ubuntu Security Updates 185 unique CVEs addr…

Overview This week we take a look at the recent Crowdstrike outage and what we can learnfrom it compared to the testing and release process for security updates inUbuntu, plus we cover details of vulnerabilities in poppler, phpCAS, EDK II,Python, OpenJDK and one package with over 300 CVE fixes in a single update. This week in Ubuntu Security Update…

Overview This week we deep-dive into one of the best vulnerabilities we’ve seen in a longtime regreSSHion - an unauthenticated, remote, root code-execution vulnerabilityin OpenSSH. Plus we cover updates for Plasma Workspace, Ruby, Netplan,FontForge, OpenVPN and a whole lot more. This week in Ubuntu Security Updates 39 unique CVEs addressed [USN-684…

Overview A look into CISA’s Known Exploited Vulnerability Catalogue is on our minds thisweek, plus we look at vulnerability updates for gdb, Ansible, CUPS, libheif,Roundcube, the Linux kernel and more. This week in Ubuntu Security Updates 175 unique CVEs addressed [USN-6842-1] gdb vulnerabilities (01:10) 6 CVEs addressed in Xenial ESM (16.04 ESM), …

Overview This week we bring you a special edition of the podcast, featuring an interviewbetween Ijlal Loutfi and Karen Horovitz who deep-dive into ConfidentialComputing. Ranging from a high-level discussion of the need for and the featuresprovided by confidential computing, through to the specifics of how this isimplemented in Ubuntu and a look at …

Overview As the podcast winds down for a break over the next month, this week we talkabout RSA timing side-channel attacks and the recently announced DNSBombvulnerability as we cover security updates in VLC, OpenSSL, Netatalk, WebKitGTK,amavisd-new, Unbound, Intel Microcode and more. This week in Ubuntu Security Updates 152 unique CVEs addressed [U…

Overview The team is back from Madrid and this week we bring you some of our plans forthe upcoming Ubuntu 24.10 release, plus we talk about Google’s kernelCTF projectand Mozilla’s PDF.js sandbox when covering security updates for the Linuxkernel, Firefox, Spreadsheet::ParseExcel, idna and more. This week in Ubuntu Security Updates 121 unique CVEs a…

Overview Ubuntu 24.04 LTS is finally released and we cover all the new security featuresit brings, plus we look at security vulnerabilities in, and updates for,FreeRDP, Zabbix, CryptoJS, cpio, less, JSON5 and a heap more. This week in Ubuntu Security Updates 61 unique CVEs addressed [USN-6749-1] FreeRDP vulnerabilities (00:45) 7 CVEs addressed in F…

Overview John and Georgia are at the Linux Security Summit presenting on some longawaited developments in AppArmor and we give you all the details in a sneak peekpreview as well as some of the other talks to look out for, plus we coversecurity updates for NSS, Squid, Apache, libvirt and more and we put out a callfor testing of a pending AppArmor se…

Overview This week we cover the recent reports of a new local privilege escalationexploit against the Linux kernel, follow-up on the xz-utils backdoor from lastweek and it’s the beta release of Ubuntu 24.04 LTS - plus we talk securityvulnerabilities in the X Server, Django, util-linux and more. This week in Ubuntu Security Updates 76 unique CVEs ad…

Overview It’s been an absolutely manic week in the Linux security community as the newsand reaction to the recent announcement of a backdoor in the xz-utils projectwas announced late last week, so we dive deep into this issue and discuss how itimpacts Ubuntu and give some insights for what this means for the open sourceand Linux communities in the …

Overview This week we bring you a sneak peak of how Ubuntu 23.10 fared at Pwn2OwnVancouver 2024, plus news of malicious themes in the KDE Store and we coversecurity updates for the Linux kernel, X.Org X Server, TeX Live, Expat, Bash andmore. This week in Ubuntu Security Updates 61 unique CVEs addressed [USN-6681-3] Linux kernel vulnerabilities (00:…

Overview We cover recent Linux malware from the Magnet Goblin threat actor, plus the newsof Ubuntu 23.10 as a target in Pwn2Own Vancouver 2024 and we detailvulnerabilities in Puma, AccountsService, Open vSwitch, OVN, and more. This week in Ubuntu Security Updates 102 unique CVEs addressed [USN-6679-1] FRR vulnerability (01:11) 1 CVEs addressed in J…

Overview Andrei is back to discuss recent academic research into malware within thePython/PyPI ecosystem and whether it is possible to effectively combat it withopen source tooling, plus we cover security updates for Unbound, libuv, node.js,the Linux kernel, libgit2 and more. This week in Ubuntu Security Updates 56 unique CVEs addressed [USN-6665-1…

Overview The Linux kernel.org CNA has assigned their first CVEs so we revisit this topicto assess the initial impact on Ubuntu and the CVE ecosystem, plus we coversecurity updates for Roundcube Webmail, less, GNU binutils and the Linux kernelitself. This week in Ubuntu Security Updates 64 unique CVEs addressed [USN-6647-1] Linux kernel vulnerabilit…

Overview This week the Linux kernel project announced they will be assigning their ownCVEs so we discuss the possible implications and fallout from such a shift, pluswe cover vulnerabilities in the kernel, Glance_store, WebKitGTK, Bind and more. This week in Ubuntu Security Updates 64 unique CVEs addressed [LSN-0100-1] Linux kernel vulnerability (0…

Overview AppArmor unprivileged user namespace restrictions are back on the agenda thisweek as we survey the latest improvements to this hardening feature in theupcoming Ubuntu 24.04 LTS, plus we discuss SMTP smuggling in Postfix, runCcontainer escapes and Qualys’ recent disclosure of a privilege escalationexploit for GNU libc and more. This week in…

Overview For the first episode of 2024 we take a look at the case of a raft of bogus FOSSCVEs reported on full-disclosure as well as AppSec tools in Ubuntu and the EOLannouncement for 23.04, plus we cover vulnerabilities in the Linux kernel, Puma,Paramiko and more. This week in Ubuntu Security Updates 81 unique CVEs addressed [USN-6601-1] Linux ker…

Overview For the final episode of 2023 we discuss creating PoCs for vulns in tar and thelooming EOL for Ubuntu 23.04, plus we look into security updates for curl,BlueZ, Netatalk, GNOME Settings and a heap more. This week in Ubuntu Security Updates 57 unique CVEs addressed [USN-6535-1] curl vulnerabilities (00:54) 2 CVEs addressed in Focal (20.04 LT…

Overview Mark Esler is our special guest on the podcast this week to discuss theOpenSSF’s Compiler Options Hardening Guide for C/C++ plus we covervulnerabilities and updates for GIMP, FreeRDP, GStreamer, HAProxy and more. This week in Ubuntu Security Updates 65 unique CVEs addressed [USN-6521-1] GIMP vulnerabilities (00:50) 6 CVEs addressed in Foca…

Overview This week we take a deep dive into the Reptar vuln in Intel processors plus welook into some relic vulnerabilities in Squid and OpenZFS and finally we detailnew hardening measures in tracker-miners to keep your desktop safer. This week in Ubuntu Security Updates 115 unique CVEs addressed [USN-6481-1] FRR vulnerabilities (01:21) 2 CVEs addr…

Overview As we ease back into regular programming, we cover the various activities theteam got up to over the past few weeks whilst away in Riga for the Ubuntu Summitand Ubuntu Engineering Sprint. Goings on in Ubuntu Security Community Ubuntu Security team at the Ubuntu Summit (00:48) Preparation for Riga Product Roadmap Sprint, Ubuntu Summit and E…

Overview With the Ubuntu Summit just around the corner, we preview a couple talks by theUbuntu Security team, plus we look at security updates for OpenSSL, Sofia-SIP,AOM, ncurses, the Linux kernel and more. This week in Ubuntu Security Updates 91 unique CVEs addressed [USN-6437-1] VIPS vulnerabilities (00:35) 5 CVEs addressed in Xenial ESM (16.04 E…

Overview After a well-deserved break, we’re is back looking at the recent Ubuntu 23.10release and the significant security technologies it introduces along with acall for testing of unprivileged user namespace restrictions, plus the detailsof security updates for curl, Samba, iperf3, CUE and more. This week in Ubuntu Security Updates 26 unique CVEs…

Overview It’s the Linux Security Summit in Bilbao this week and we bring you somehighlights from our favourite talks, plus we cover the 25 most stubborn softwareweaknesses, and we look at security updates for Open VM Tools, libwebp, Django,binutils, Indent, the Linux kernel and more. This week in Ubuntu Security Updates 88 unique CVEs addressed [US…

Overview Andrei is back this week with a deep dive into recent research around CVSSscoring inconsistencies, plus we look at a recent Ubuntu blog post on theinternals of package updates and the repositories, and we cover security updatesin Apache Shiro, GRUB2, CUPS, RedCloth, curl and more. This week in Ubuntu Security Updates 77 unique CVEs address…

Overview This week we detail the recently announced and long-awaited feature ofTPM-backed full-disk encryption for the upcoming Ubuntu 23.10 release, plus wecover security updates for elfutils, GitPython, atftp, BusyBox, Docker Registryand more. This week in Ubuntu Security Updates 93 unique CVEs addressed [USN-6322-1] elfutils vulnerabilities (00:…

Overview This week we cover reports of “fake” CVEs and their impact on the FOSS securityecosystem, plus we look at security updates for PHP, Fast DDS, JOSE for C/C++,the Linux kernel, AMD Microcode and more. This week in Ubuntu Security Updates 83 unique CVEs addressed [USN-6305-1] PHP vulnerabilities (00:53) 2 CVEs addressed in Jammy (22.04 LTS), …

Overview This week we talk about HTTP Content-Length handling, intricacies of groupmanagement in container environments and making sure you check your return codeswhile covering vulns in HAProxy, Podman, Inetutils and more, plus we put a callout for input on using open source tools to secure your SDLC. This week in Ubuntu Security Updates 69 unique…

Overview We’re back after unexpectedly going AWOL last week to bring you the latest inUbuntu Security including the recently announced Downfall and GameOver(lay)vulnerabilities, plus we look at security updates for OpenSSH and GStreamer andwe detail plans for using AppArmor to restrict the use of unprivileged usernamespaces as an attack vector in f…

Overview This week we look at the recent Zenbleed vulnerability affecting some AMDprocessors, plus we cover security updates for the Linux kernel, a highprofile OpenSSH vulnerability and finally Andrei is back with a deep dive intorecent academic research around how to safeguard machine learning systems whenused across distributed deployments. This…

Overview This week we talk about the dual use purposes of eBPF - both for security andfor exploitation, and how you can keep your systems safe, plus we cover securityupdates for the Linux kernel, Ruby, SciPy, YAJL, ConnMan, curl and more. This week in Ubuntu Security Updates 80 unique CVEs addressed [USN-6220-1] Linux kernel vulnerabilities (00:50)…

Overview We take a sneak peek at the upcoming AppArmor 4.0 release, plus we covervulnerabilities in AccountsService, the Linux Kernel, ReportLab, GNU Screen,containerd and more. This week in Ubuntu Security Updates 50 unique CVEs addressed [USN-6190-1] AccountsService vulnerability (00:47) 1 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), K…

Overview This week we look at the top 25 most dangerous vulnerability types, as well asthe announcement of the program for LSS EU, and we cover security updates forBind, the Linux kernel, CUPS, etcd and more. This week in Ubuntu Security Updates 36 unique CVEs addressed [USN-6183-1] Bind vulnerabilities (00:53) 2 CVEs addressed in Focal (20.04 LTS)…

Overview For our 200th episode, we discuss the impact of Red Hat’s decision to stoppublicly releasing the RHEL source code, plus we cover security updates forlibX11, GNU SASL, QEMU, VLC, pngcheck, the Linux kernel and a whole lot more. This week in Ubuntu Security Updates 73 unique CVEs addressed [USN-6163-1] pano13 vulnerabilities (01:08) 2 CVEs a…

Overview For our 199th episode Andrei looks at Fuzzing Configurations of Program Optionsplus we discuss Google’s findings on the io_uring kernel subsystem and we lookat vulnerability fixes for Netatalk, Jupyter Core, Vim, SSSD, GNU binutils, GLiband more. This week in Ubuntu Security Updates 53 unique CVEs addressed [USN-6145-1] Sysstat vulnerabili…

Overview This week we investigate the mystery of failing GPG signatures for the 16.04 ISOimages, plus we look at security updates for CUPS, Avahi, the Linux kernel, FRR,Go and more. This week in Ubuntu Security Updates 58 unique CVEs addressed [USN-6128-1, USN-6128-2] CUPS vulnerability (00:56) 1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic ESM…

Overview The venerable Ubuntu 18.04 LTS release has transitioned into ESM, plus we lookat Till Kamppeter’s excellent guide on how to set up your GitHub projects toreceive private vulnerability reports, and we cover the week in security updatesincluding PostgreSQL, Jhead, the Linux kernel, Linux PTP, snapd and a whole lotmore. This week in Ubuntu Se…

Overview This week we look at some recent security developments from PyPI, the LinuxSecurity Summit North America and the pending transition of Ubuntu 18.04 to ESM,plus we cover security updates for cups-filter, the Linux kernel, Git, runC,ncurses, cloud-init and more. This week in Ubuntu Security Updates 83 unique CVEs addressed [USN-6083-1] cups-…

Overview Alex and Camila discuss security update management strategies after a recentoutage at Datadog was attributed to a security update for systemd on Ubuntu,plus we look at security vulnerabilities in the Linux kernel, OpenStack,Synapse, OpenJDK and more. This week in Ubuntu Security Updates 66 unique CVEs addressed [USN-6069-1] Linux kernel (R…

Overview The team are back from Prague and bring with them a new segment, drilling intorecent academic research in the cybersecurity space - for this inaugural segmentnew team member Andrei looks at modelling of attacks against network intrusiondetections systems, plus we cover the week in security updates looking atvulnerabilities in Django, Ruby,…