Avast Community

Security Warnings for Linux

Avast Business Avast Business for Linux

Asyn January 6, 2017, 12:21pm 21

KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt
http://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/

Asyn February 24, 2017, 6:53am 22

Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)
http://seclists.org/oss-sec/2017/q1/471

Asyn March 18, 2017, 5:42am 23

Positive Technologies discovers and fixes a dangerous 7-year old Linux Kernel vulnerability
https://www.ptsecurity.com/ww-en/about/news/199636/
http://seclists.org/oss-sec/2017/q1/569
http://seclists.org/oss-sec/2017/q1/572

Asyn April 19, 2017, 6:31am 24

Statement concerning the arrest of Dmitry Bogatov
https://www.debian.org/News/2017/20170417

Statement regarding Dmitry Bogatov
https://blog.torproject.org/blog/statement-regarding-dmitry-bogatov

Asyn June 13, 2017, 9:19am 25

SambaCry is coming
https://securelist.com/sambacry-is-coming/78674/

Asyn June 20, 2017, 1:12pm 26

The Stack Clash
https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1be7107fbe18eed3e319a6c3e83c78254b693acb

Asyn July 20, 2017, 8:36am 27

Linux Users Urged to Update as a New Threat Exploits SambaCry
http://blog.trendmicro.com/trendlabs-security-intelligence/linux-users-urged-update-new-threat-exploits-sambacry/

Asyn August 16, 2017, 8:50am 28

GitLab 9.4.4, 9.3.10, 9.2.10, 9.1.10, 9.0.13, and 8.17.8 Critical Security Release
https://about.gitlab.com/2017/08/10/gitlab-9-dot-4-dot-4-released/

Asyn August 19, 2017, 2:55pm 29

ShadowPad in corporate networks
https://securelist.com/shadowpad-in-corporate-networks/81432/
https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf

Asyn September 14, 2017, 8:59am 30

BlueBorne
The dangers of Bluetooth implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks
http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf

Asyn October 8, 2017, 8:06am 31

Behind the Masq: Yet more DNS, and DHCP, vulnerabilities
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
https://github.com/google/security-research-pocs/tree/master/vulnerabilities/dnsmasq

Asyn October 18, 2017, 6:28am 32

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
https://www.krackattacks.com/
https://papers.mathyvanhoef.com/ccs2017.pdf
https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Asyn November 5, 2017, 5:41am 33

The TorMoil Bug – Tor Browser Critical Security Vulnerability
https://www.wearesegment.com/news/the-tormoil-bug-torbrowser-critical-security-vulnerability/
https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/
https://blog.torproject.org/tor-browser-709-released

Asyn December 6, 2017, 5:01am 34

CVE-2017-1000405: Linux kernel - “Dirty COW” variant on transparent huge pages
http://www.openwall.com/lists/oss-security/2017/11/30/1

Announcements