Canonical

The CIFSwitch vulnerability in the Linux kernel allows an unprivileged user to forge CIFS authentication key descriptions, abuse the kernel's key request mechanism, and gain root privileges by loading a malicious NSS module.

This brief outlines how Linux cgroups, a kernel feature for resource management, can be repurposed to provide valuable telemetry for detecting malicious processes, particularly in systemd, Docker, and Kubernetes environments, aiding in investigations of server compromises.

Ubuntu released security notices between May 4 and 10, 2026, addressing vulnerabilities in the Linux kernel affecting Ubuntu 20.04 LTS, 22.04 LTS, 24.04 LTS, and 25.10, requiring timely updates.

The Dirty Frag vulnerability (CVE-2026-43284 and CVE-2026-43500) is a Linux kernel local privilege escalation that allows an unprivileged local user to gain root privileges by exploiting flaws in the networking subsystem to overwrite protected file contents in the page cache.

authd 0.6.0 contains a bug that leads to an incorrect primary group ID being set to the user's UID, potentially leading to local privilege escalation and incorrect file ownership, fixed in authd >= 0.6.4.