How is Livepatch safeguarded against bad actors?
What safeguards the Livepatch security patching solution against bad actors and malicious code masquerading as an update? Learn about Secure Boot and module signing.
Categoría: Security
Fixes available for local privilege escalation vulnerability in libblockdev using udisks
Qualys discovered two vulnerabilities in various Linux distributions which allow local attackers to escalate privileges. The first vulnerability (CVE-2025-6018) was found in the PAM configuration. This CVE does not impact default Ubuntu installations because of how the pam_systemd.so and pam_env.so modules are invoked. The second vulnerability (CVE-2025-6019) affects both libblockdev and udisks2 source packages available […]
What if your container images were security-maintained at the source?
Software supply chain security has become a top concern for developers, DevOps engineers, and IT leaders. High-profile breaches and dependency compromises have shown that open source components can introduce risk if not properly vetted and maintained. Although containerization has become commonplace in contemporary development and deployment, it can have drawbacks in terms of reproducibility and […]
Apport local information disclosure vulnerability fixes available
Qualys discovered two vulnerabilities in various Linux distributions which allow a local attacker with permission to create user namespaces to leak core dumps for processes of suid executables. These affect both apport, the Ubuntu default core dump handler (CVE-2025-5054), and systemd-coredump, the default core dump handler in Red Hat Enterprise Linux, Fedora and other Linux […]
SONiC: The open source network operating system for modern data centers
Software for Open Networking in the Cloud (SONiC) is an open-source network operating system that has revolutionized data center networking. Originating as a Microsoft-led initiative in the Open Compute Project (OCP) in 2016, SONiC has rapidly gained traction among hyperscalers and switch hardware vendors, including Broadcom, Cisco, and NVIDIA. By building its services using containerized […]
What is Application Security (AppSec)?
Application security (or AppSec, for short) is a broad term that refers to all of the tools, actions, and processes that an organization uses to protect its applications against vulnerabilities across the entirety of its life cycle. Application security has one objective: to find weaknesses in your applications and systems that could be abused by malicious actors to gain unauthorized access, misuse the application, or make harmful modifications, and fix them before they become a problem
What is System Hardening? Essential Checklists from OS to Applications
Hardening a system aims to decrease its exposure to make it difficult to hack, and to lessen the potential collateral damage in the event of a compromise.