ciso brief

All news with #red hat tag

15 articles

Fragnesia: New Local Linux Kernel Privilege Flaw Emerges

🔒 Fragnesia (CVE-2026-46300) is a local Linux kernel privilege escalation that abuses the XFRM ESP-in-TCP code path to obtain a memory write primitive, enabling in-memory modification of security-sensitive files while bypassing standard filesystem permissions. A public PoC exists, but remote exploitation is not possible: an attacker needs local access and control over socket operations. Vendors including Red Hat and Ubuntu are issuing patches and workarounds. Administrators should update kernels, consider disabling the esp4/esp6 modules or avoiding kernels built with CONFIG_INET_ESPINTCP, and increase monitoring until systems are patched.
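A quick exposure check for the mitigation advice above, written for this page as an added example (it is not code from the article, Red Hat or Ubuntu). It parses a kernel config and a /proc/modules listing and reports whether the ESP-in-TCP path is compiled in and whether ESP is reachable. The Kconfig names CONFIG_INET_ESPINTCP / CONFIG_INET6_ESPINTCP and the esp4 / esp6 module names are assumed from the mainline kernel tree; the config and module listings embedded below are constructed samples, not captured from a real host.

```python
"""Exposure check for the ESP-in-TCP code path: is it compiled in, and is ESP reachable?

Added example, not from the article or any vendor. Assumed names: CONFIG_INET_ESPINTCP /
CONFIG_INET6_ESPINTCP (IPv4/IPv6 ESP-in-TCP Kconfig options), CONFIG_INET_ESP /
CONFIG_INET6_ESP (tristate ESP support) and the esp4 / esp6 modules.
"""
import gzip
import os
import platform

ESPINTCP_OPTS = ("CONFIG_INET_ESPINTCP", "CONFIG_INET6_ESPINTCP")
ESP_OPTS = ("CONFIG_INET_ESP", "CONFIG_INET6_ESP")
ESP_MODULES = {"esp4", "esp6"}


def parse_kconfig(text):
    """Map CONFIG_* names to their values; '# CONFIG_X is not set' becomes 'n'."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("CONFIG_") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
        elif line.startswith("# CONFIG_") and line.endswith(" is not set"):
            opts[line[2:-len(" is not set")]] = "n"
    return opts


def loaded_modules(proc_modules_text):
    """Module names are the first column of /proc/modules."""
    return {line.split()[0] for line in proc_modules_text.splitlines() if line.strip()}


def assess(kconfig_text, proc_modules_text):
    """Classify exposure from the kernel config plus the currently loaded modules."""
    opts = parse_kconfig(kconfig_text)
    mods = loaded_modules(proc_modules_text)
    espintcp = any(opts.get(o) == "y" for o in ESPINTCP_OPTS)
    esp_builtin = any(opts.get(o) == "y" for o in ESP_OPTS)
    esp_modular = any(opts.get(o) == "m" for o in ESP_OPTS)
    esp_loaded = sorted(mods & ESP_MODULES)

    if not espintcp:
        verdict = "not-exposed"            # the ESP-in-TCP path is not compiled in
    elif esp_builtin or esp_loaded:
        verdict = "exposed"                # path compiled in and ESP reachable right now
    elif esp_modular:
        verdict = "exposed-on-autoload"    # esp4/esp6 not loaded, but XFRM setup can pull them in
    else:
        verdict = "not-exposed"            # ESP support absent entirely
    return {"espintcp": espintcp, "esp_builtin": esp_builtin,
            "esp_loaded": esp_loaded, "verdict": verdict}


def assess_live():
    """Run against this host; returns None when no kernel config file can be found."""
    release = platform.release()
    config_text = None
    for path in (f"/boot/config-{release}", "/proc/config.gz"):
        if os.path.exists(path):
            opener = gzip.open if path.endswith(".gz") else open
            with opener(path, "rt") as fh:
                config_text = fh.read()
            break
    if config_text is None:
        return None
    modules_text = ""
    if os.path.exists("/proc/modules"):
        with open("/proc/modules") as fh:
            modules_text = fh.read()
    return assess(config_text, modules_text)


# Constructed samples: a distro-style config with ESP-in-TCP enabled, and one without it.
SAMPLE_CONFIG_EXPOSED = """\
CONFIG_INET_ESP=m
CONFIG_INET_ESPINTCP=y
CONFIG_INET6_ESP=m
CONFIG_INET6_ESPINTCP=y
"""
SAMPLE_CONFIG_HARDENED = """\
CONFIG_INET_ESP=m
# CONFIG_INET_ESPINTCP is not set
CONFIG_INET6_ESP=m
# CONFIG_INET6_ESPINTCP is not set
"""
SAMPLE_MODULES_ESP_LOADED = (
    "esp4 24576 0 - Live 0x0000000000000000\n"
    "xfrm_algo 16384 1 esp4, Live 0x0000000000000000\n"
)
SAMPLE_MODULES_NONE = "ext4 1048576 2 - Live 0x0000000000000000\n"

if __name__ == "__main__":
    print("sample (ESPINTCP=y, esp4 loaded):", assess(SAMPLE_CONFIG_EXPOSED, SAMPLE_MODULES_ESP_LOADED)["verdict"])
    print("sample (ESPINTCP unset):        ", assess(SAMPLE_CONFIG_HARDENED, SAMPLE_MODULES_NONE)["verdict"])
    print("this host:", assess_live())
```

The "exposed-on-autoload" verdict is the case the article's "disable esp4/esp6" advice is aimed at: with ESP built as modules, creating an XFRM state can load them on demand, so unloading alone is not enough and a modprobe blacklist (for example an `install esp4 /bin/false` line under /etc/modprobe.d) is what actually closes the path until the kernel is updated.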

Pwn2Own Berlin 2026 Day One: 24 Zero-Days Paid Out

🔒 On day one of Pwn2Own Berlin 2026, researchers earned $523,000 for 24 unique zero-days, led by Orange Tsai, who collected $175,000 after chaining four logic flaws to escape the Microsoft Edge sandbox. Windows 11 was compromised three times through new privilege-escalation bugs, and Valentina Palmiotti secured payouts for a Red Hat Workstation flaw and an NVIDIA Container Toolkit flaw. The event focuses on enterprise and AI-targeted technologies.

Linux kernel kill switch proposal divides security experts

πŸ›‘οΈA proposal from Linux kernel co-maintainer Sasha Levin would add a configurable kill switch allowing privileged operators to disable specific kernel functions as an emergency mitigation until a patch can be built and deployed. Levin and colleagues provided a suggested implementation and argue it reduces exposure when fleets cannot be rebooted immediately. The suggestion has split experts and admins, with some warning of operational risk and others, including Red Hat, supporting non-disruptive mitigations.
read more β†’

Platform Modernization and AI on Azure Red Hat OpenShift

🔷 At Red Hat Summit 2026, Microsoft and Red Hat highlighted how Azure Red Hat OpenShift supports modernization and production AI by delivering consistent governance, security, and scale. Microsoft was named Platform Modernization Partner of the Year, underscoring joint customer outcomes. Banco Bradesco and Topicus illustrate production AI and regulated lending workloads running on the jointly managed platform. Key advances include OpenShift Virtualization, confidential containers, managed identities, expanded NVIDIA GPU support, and broader regional availability.

Red Hat OpenShift on Google Cloud: Migration Updates

🔔 Google Cloud announced integrations and product updates to simplify running Red Hat OpenShift on its platform, including Google Cloud Cluster Services for OpenShift, a guided console cluster-creation experience, and the general availability of OpenShift Virtualization on OpenShift Dedicated. The updates emphasize cost optimization via custom machine types, Hyperdisk, and Axion processors, joint engineering with Red Hat, and configuration validation through Workload Manager to help migrate and modernize clusters. Supported integrations and middleware plugins aim to preserve OpenShift-native architecture while enabling selective adoption of managed Google services.

Nissan Confirms 21,000 Customers Impacted by Red Hat Breach

🔓 Nissan has disclosed that a third-party breach at Red Hat in September led to the exposure of about 21,000 customer records tied to its Fukuoka sales unit. The carmaker said it was notified by Red Hat on October 3 and has informed the Personal Information Protection Commission while contacting affected individuals. Exposed fields include names, addresses, phone numbers and partial email addresses, but not payment card data. Nissan warned customers to be vigilant for suspicious calls or mail while investigations continue.

Nissan: Thousands of Customers Exposed in Red Hat Breach

🔓 Nissan confirmed that personal data for about 21,000 customers who purchased vehicles or received services at Nissan Fukuoka was exposed after a September breach of Red Hat's development environment. Leaked fields include full names, physical addresses, phone numbers, email addresses and sales-related customer data; no financial or credit card data were affected. Nissan says it has no evidence the data have been misused.

Ten Years of Microsoft and Red Hat: Open Innovation

🚀 Over the past decade Microsoft and Red Hat have built a strategic partnership centered on open source and enterprise cloud innovation. Together they delivered offerings such as Red Hat Enterprise Linux on Azure and Azure Red Hat OpenShift, combining managed services, integrated support, and Marketplace availability. At Ignite 2025 the collaboration brought GA of OpenShift Virtualization and Confidential Containers, enabling VMs and hardware-isolated containers to run side by side for modernization and secure workloads.

ShinyHunters Launch Extortion Site Targeting Corporates

🔓 A cybercrime collective known as ShinyHunters has launched a public extortion blog threatening to publish data stolen from dozens of major companies if ransoms are not paid. The group claims to have harvested Salesforce customer records via a May voice-phishing campaign, and also says it exfiltrated terabytes of files from a Red Hat GitLab server and Discord user data held by a third-party provider. Security firms and affected vendors including Salesforce, Red Hat and Discord are investigating, while Google and other investigators link the activity to several related UNC clusters and warn of additional token thefts tied to Salesloft. Victim shaming, published exploit scripts for an Oracle E-Business Suite zero-day, and threats delivered alongside malware have amplified the incident's severity.

ShinyHunters Joins Extortion Effort After Red Hat Breach

πŸ” Red Hat is facing renewed extortion after a breach of its GitLab instance used by Red Hat Consulting was claimed to have exposed nearly 570GB of compressed data across thousands of repositories, including about 800 Customer Engagement Reports (CERs). The Crimson Collective initially claimed the theft and says it received no ransom response. The group announced a collaboration with Scattered Lapsus$ Hunters and has used the newly launched ShinyHunters leak site to press extortion demands, publishing CER samples and setting an October 10 deadline. Red Hat did not respond to inquiries.
read more β†’

Critical RBAC Flaw in Red Hat OpenShift AI Risks Clusters

⚠ Red Hat has patched a design flaw in OpenShift AI (CVE-2025-10725), CVSS 9.9, that lets an authenticated low-privilege user escalate to full cluster administrator and fully compromise clusters and the applications hosted on them. The vulnerability stems from an overly permissive ClusterRoleBinding that grants the kueue-batch-user-role ClusterRole to the system:authenticated group, i.e. to every user with a valid token. Red Hat advises removing that ClusterRoleBinding, tightening job-creation permissions to follow least privilege, and upgrading to the fixed RHOAI 2.19 and 2.21 images. Administrators should audit affected environments and apply the recommended fixes promptly.

Red Hat Confirms Security Incident After GitHub Claims

🔒 An extortion group calling itself Crimson Collective claims to have exfiltrated nearly 570GB of compressed data from about 28,000 private GitLab repositories, including roughly 800 Customer Engagement Reports (CERs). Red Hat confirmed a security incident tied to its consulting business but would not validate the attackers' specific claims, saying it has initiated remediation and sees no indication the issue affects its products or software supply chain. The group published directory listings and alleges finding authentication tokens and full database URIs that could be used to access downstream customer infrastructure.

Red Hat Confirms GitLab Breach Affecting Consulting

🔒 Red Hat confirmed a security incident after an extortion group calling itself the Crimson Collective claimed to have stolen nearly 570GB of compressed data from roughly 28,000 internal repositories in a GitLab instance used solely for consulting engagements. The group alleges the haul includes about 800 Customer Engagement Reports (CERs) that may contain infrastructure details, authentication tokens, and database URIs. Red Hat says it is remediating the issue, has not verified the attackers' specific claims, and believes its software supply chain and other services remain unaffected.

OpenShift AI Privilege Escalation Flaw Exposes Clusters

🔒 Red Hat has disclosed a severe privilege escalation vulnerability in OpenShift AI (CVE-2025-10725) that can allow an authenticated, low-privileged user to escalate to full cluster administrator and fully compromise a deployment. The issue carries a CVSS score of 9.9 but is rated Important by Red Hat because exploitation requires an authenticated account. Affected releases include Red Hat OpenShift AI (RHOAI) 2.19 and 2.21. Administrators are advised to avoid broad ClusterRoleBindings such as binding kueue-batch-user-role to system:authenticated, and to grant job-creation permissions only on a granular, need-to-know basis while applying vendor guidance.
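Both OpenShift AI entries on this page come down to the same RBAC audit question: which ClusterRoleBindings hand a role that can create Jobs to system:authenticated (or system:unauthenticated)? The script below is an added example written for this page, not Red Hat's or the Kueue project's code. It consumes the JSON that `kubectl get clusterrolebindings -o json` and `kubectl get clusterroles -o json` produce (the API shape is real; the documents embedded below are constructed samples, and the binding and group names in them other than kueue-batch-user-role and the system: groups are made up) and flags bindings where a broad group inherits the chosen verb on the chosen resource, then emits the removal command the advisory calls for.

```python
"""Flag ClusterRoleBindings that give every authenticated user a role able to create Jobs.

Added example, not Red Hat's or Kueue's code. Input documents follow the shape of
`kubectl get clusterrolebindings -o json` / `kubectl get clusterroles -o json`.
"""
import json
import sys

# Groups that mean "anyone holding a token" / "anyone at all".
BROAD_GROUPS = {"system:authenticated", "system:unauthenticated"}


def rule_grants(rule, api_group, resource, verb):
    """True if a PolicyRule grants `verb` on `resource` in `api_group`, honouring '*' wildcards.
    Rules that only cover nonResourceURLs have no apiGroups/resources and never match."""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    verbs = rule.get("verbs", [])
    return (("*" in groups or api_group in groups)
            and ("*" in resources or resource in resources)
            and ("*" in verbs or verb in verbs))


def audit_bindings(bindings_doc, roles_doc, api_group="batch", resource="jobs", verb="create"):
    """Return one finding per ClusterRoleBinding whose subjects include a broad group and
    whose referenced ClusterRole grants `verb` on `resource`."""
    roles = {r["metadata"]["name"]: r.get("rules") or [] for r in roles_doc["items"]}
    findings = []
    for binding in bindings_doc["items"]:
        subjects = binding.get("subjects") or []
        broad = [s["name"] for s in subjects if s.get("kind") == "Group" and s["name"] in BROAD_GROUPS]
        ref = binding["roleRef"]
        if not broad or ref.get("kind") != "ClusterRole":
            continue
        if any(rule_grants(rule, api_group, resource, verb) for rule in roles.get(ref["name"], [])):
            findings.append({"binding": binding["metadata"]["name"], "role": ref["name"], "subjects": broad})
    return findings


def remediation_commands(findings):
    """The advisory's fix is to drop the offending binding, then re-grant per team or namespace."""
    return [f"kubectl delete clusterrolebinding {f['binding']}" for f in findings]


# Constructed samples. The first binding reproduces the flawed pattern; the other two are
# the kind of binding that should NOT be flagged (harmless role, or a narrow group).
SAMPLE_CLUSTERROLES = {"items": [
    {"metadata": {"name": "kueue-batch-user-role"},
     "rules": [
         {"apiGroups": ["batch"], "resources": ["jobs"], "verbs": ["create", "delete", "get", "list", "watch"]},
         {"apiGroups": ["kueue.x-k8s.io"], "resources": ["workloads"], "verbs": ["get", "list", "watch"]},
     ]},
    {"metadata": {"name": "system:discovery"},
     "rules": [{"nonResourceURLs": ["/api", "/apis", "/healthz"], "verbs": ["get"]}]},
]}
SAMPLE_CLUSTERROLEBINDINGS = {"items": [
    {"metadata": {"name": "kueue-batch-user-rolebinding"},
     "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "kueue-batch-user-role"},
     "subjects": [{"apiGroup": "rbac.authorization.k8s.io", "kind": "Group", "name": "system:authenticated"}]},
    {"metadata": {"name": "system:discovery"},
     "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "system:discovery"},
     "subjects": [{"apiGroup": "rbac.authorization.k8s.io", "kind": "Group", "name": "system:authenticated"}]},
    {"metadata": {"name": "ml-team-batch-users"},
     "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "kueue-batch-user-role"},
     "subjects": [{"apiGroup": "rbac.authorization.k8s.io", "kind": "Group", "name": "ml-team"}]},
]}


def run_audit(bindings_doc=SAMPLE_CLUSTERROLEBINDINGS, roles_doc=SAMPLE_CLUSTERROLES):
    return audit_bindings(bindings_doc, roles_doc)


if __name__ == "__main__":
    # Usage: python audit.py [clusterrolebindings.json clusterroles.json]; defaults to the samples.
    if len(sys.argv) == 3:
        with open(sys.argv[1]) as fb, open(sys.argv[2]) as fr:
            results = run_audit(json.load(fb), json.load(fr))
    else:
        results = run_audit()
    for f in results:
        print(f"{f['binding']}: ClusterRole {f['role']} granted to {', '.join(f['subjects'])}")
    for cmd in remediation_commands(results):
        print(cmd)
```

Note what the check deliberately does not do: it ignores namespaced RoleBindings and the aggregation labels that Kueue uses to compose roles, so a clean result here is not proof the cluster is fine, only that no ClusterRoleBinding hands Job creation to a catch-all group. Changing the `resource`/`verb` defaults lets the same pass look for other broad grants (for example `pods`/`create` or `*`/`*`).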

Kali Linux 2025.3: 10 New Tools, Nexmon & NetHunter

🔧 Kali Linux 2025.3 delivers ten new tools and expanded Wi-Fi and NetHunter capabilities. Notable additions include Caido (client and server), Detect It Easy, Gemini CLI, krbrelayx, ligolo-mp, and vwifi-dkms for dummy Wi-Fi networks. Nexmon support is restored for Broadcom/Cypress chips and Raspberry Pi devices, while NetHunter gains Samsung S10 support and CARsenal updates. Users can upgrade via the Kali rolling repository or download the new ISOs.