SUSE

Dream Security flags critical RCE vulnerability in GNU Inetutils telnetd, exposing ICS and OT systems

by

Dream Security Labs published a vulnerability advisory detailing a pre-authentication remote code execution flaw caused by a buffer overflow in the telnetd LINEMODE SLC handler. The research uncovered a critical buffer overflow vulnerability, CVE-2026-32746, in the GNU Inetutils telnetd daemon, specifically within the LINEMODE SLC option negotiation handler. An unauthenticated remote attacker can exploit the … Read more

CrackArmour flaws in AppArmour risk Linux root access

by

Qualys researchers have identified nine vulnerabilities in AppArmour that, they say, could let an unprivileged local Linux user gain root access and weaken container isolation on affected systems. Dubbed CrackArmour, the issues relate to how the Linux kernel handles AppArmour security profiles. Qualys characterised the underlying pattern as a “confused deputy” problem, in which a … Read more