Network World

Google discloses serious Linux stack-buffer overflow bug in widely used C library

A Google security engineer studying an SSH connection to a host unexpectedly discovered a deeper, darker secret in the GNU C Library (glibc). Google later proved that a bug in this library could be ...
Ars Technica

Serious flaw that lurked in sudo for 9 years hands over root privileges

Sudo, a utility found in dozens of Unix-like operating systems, has received a patch for a potentially serious bug that allows unprivileged users to easily obtain unfettered root privileges on ...
ZDNet

Android SDK suffers from buffer overflow and lack of hardening

A classic buffer overflow exploit has been discovered in the Android software development kit (SDK) that impacts all versions of the Android Debug Bridge on Linux x86_64. The exploit scenario involved ...
Threat Post

Patched Code Execution Bug Affects Most Android Users

Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
Network World

Kernel space: Details of the vmsplice() exploit

A recent Linux security hole allows local users to seize the power of root. We show the Linux bugs that came together to let it happen. Once all this has happened, control returns to vmsplice_to_pipe( ...
CSOonline

New Snort overflow exploit

Snort can be buffer overflowed. About once a year, Snort gets a buffer overflow vulnerability. Any piece of additional software in a defense strategy has to be carefully considered (e.g. Snort, ...