Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.
A buffer overflow (CVE-2020-10713) in the GRUB 2 boot loader can allow an attacker to gain code execution on many Linux systems and possibly some Windows computers.
The WireGuard VPN is now a default part of the Linux 5.6 kernel.
A flaw in the sudo utility could allow a local user to gain root privileges if the pwfeedback option is enabled.
A vulnerability in many Linux distributions, as well as Android and iOS, can allow an attacker to hijack VPN connections in some cases.