Researchers have uncovered a root privilege-escalation flaw that has been lurking in the Linux file system for at least seven years.
Researchers from Qualys uncovered a major vulnerability in an application that allows administrators to delegate limited root access to regular users. While most major Linux distributions have released fixed versions of sudo, administrators still have to verify their systems are protected.
A buffer overflow (CVE-2020-10713) in the GRUB 2 boot loader can allow an attacker to gain code execution on many Linux systems and possibly some Windows computers.
The WireGuard VPN is now a default part of the Linux 5.6 kernel.
A flaw in the sudo utility could allow a local user to gain root privileges if the pwfeedback option is enabled.