Security Issues in Cisco and Jenkins Passed Off as "Linux" Problems

posted by Roy Schestowitz on Oct 18, 2025

Fear, Uncertainty, Doubt (FUD) tactics

There has been some FUD lately in several slopfarms that we mentioned in Slopwatch. The one we mentioned 2 days ago painted a Cisco issue as "Linux" [1-3] and last night we showed how eBPF was painted as GNU and Linux, even if the underlying issue was in Jenkins [4]. Evidence found in AWS, which is proprietary, just like Cisco.

The corporate media is generally bad, but those sites claim to be tech sites. How can they get their reporting this wrong? They repeat and recycle the same lies/spin. █

Related/contextual items from the news:

Intrusions with Cisco SNMP bug facilitate Linux rootkit deployment [Ed: It's a Cisco issue, which they try to twist as "Linux"]

Older Linux systems have been compromised with rootkits in attacks involving the exploitation of a high-severity Cisco IOS and IOS XE Simple Network Management Protocol vulnerability, tracked as CVE-2025-20352, part of the Operation Zero Disco campaign, reports Security Affairs.
Operation Zero Disco: Threat actors targets Cisco SNMP flaw to drop Linux rootkits

Hackers exploit Cisco SNMP flaw CVE-2025-20352 in “Zero Disco” attacks to deploy Linux rootkits on outdated systems, researchers report.
Threat Actors Exploit Cisco SNMP Vulnerability To Install Linux Rootkits

Security researchers from Trend Micro have revealed the details of a sophisticated new cyber campaign dubbed Operation Zero Disco, which leverages a recently disclosed vulnerability in Cisco IOS and IOS XE Software to compromise aging network infrastructure. The attackers have reportedly been exploiting this flaw to implant Linux-based rootkits on unprotected or end-of-life devices, giving them long-term, stealthy access within enterprise environments.
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets [Ed: This issue is in Jenkins]

The infection, per the French cybersecurity company, involved the attackers exploiting an exposed Jenkins server vulnerable to CVE-2024-23897 (CVSS score: 9.8) as the starting point, following which a malicious Docker Hub image named "kvlnt/vv" (now removed) was deployed on several Kubernetes clusters.

Other Recent Techrights' Posts

Before Freenode Collapsed Its Staff (the People Who Now Run Libera.Chat) Were Censoring/Silencing Some Free Software Supporters: We still have this issue in the Free software community
All We Want to See is Any Form of Accountability in Europe's Largest Institutions: Because people at the top of institutions should never be above the law!
Misinformation/Disinformation Disguised as Information About GNU General Public Licenses (GNU GPL) Usage: GPL-type licences (reciprocal obligations) remain dominant
Gemini Links 08/11/2025: KeePassRX and Pluribus: Links for the day
IBM Layoffs Not Done, Terminations of Staff in India, Brazil, and Mexico Reported: This hopefully answers questions such as, "do the layoffs only impact US and Canada?"
Slopwatch: Brian Fagioli Targets "Linux" With LLMs, Google News Helps Blame "Linux" for Amazon WorkSpaces Flaws: Tonight's slopfest
Gemini Links 07/11/2025: Switzerland, k3s, and Privacy: Links for the day
Links 07/11/2025: Software Patents Squashed, Stock Markets Wobble Over Slop Uncertainties: Links for the day
A 19th Anniversary and High-Impact Exclusives: The end of 2025 will be very difficult for EPO management
The Register MS, Payroll First: GNU/Linux is a growing platform
Links 07/11/2025: US Government Shutdown Imperils Critical Functions, Slop in "AI" Clothing Debunked Some More, Bubble's Implosion Ongoing/Imminent According to Experts: Links for the day
Gemini Links 07/11/2025: No Goodbyes, Homelab, Mouse Keys / Pointer Keys: Links for the day
12 Years for Justice is Far Too Slow (and More People, Especially Women, Are Hurt): Why do police departments and legal systems fail to protect women?
Freenode and irc.com Are Still Around: It emulates retro terminals
We Don't Compete, We Analyse and Report: Principles are so much better than money and they're something money can never acquire
Red Hat is Also Laying Off Staff in India: Red Hat is a dishonest company
Finding Recent Talks of Richard Stallman: We already have many pages, documents, and media files. Organising them and helping people find them is the next Big Task.
Richard Stallman First Speaker at Ethereum Cypherpunk Congress the Weekend After This Coming Weekend: He'll be speaking over the Net
Diversity at Red Hat: Remember to judge corporations by their actions, not some Web pages with words in them
First the Python Software Foundation (PSF) Attacked Its Most Productive Volunteers. Now It Attacks Its Funding Sources.: The U.S. National Science Foundation (NSF) rejected by PSF
News of Substance About the EPO's Substance Abuse (Cocaine): EPO Cocaine Chronicles - link to archived BILD article and photos
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, November 06, 2025: IRC logs for Thursday, November 06, 2025
On Midlife Crises: Focus on the sabotage, not politics
Hallmark of Fake News: "Single-digit" (Percentage) and 1% Isn't the Same Thing: apparently "rebalancing" is the new layoffs euphemism
Links 07/11/2025: Patent Trolls Target Germany, Celebrities Visit Ukraine: Links for the day
Slopwatch: LinuxSecurity, Brian Fagioli, and Google News Boosting WebProNews (All Slopfarms): Those slopfarms just saturate the Web with misinformation and mindless chaff
Techrights and Tux Machines at Over 40: 19 years of Techrights and 21+ years of Tux Machines
IBM Mass Layoffs This Week Not Limited to North America, Red Hat Staff Terminated: Do not relocate for a company that sees you as nothing but a number or a "human resource"
Coming Soon: More Proof of Cocaine Use at Europe's Second-Largest Institution: Stay tuned
Entering Our 20th Year: ...and still looking for answers
Mailing lists vs Discourse forums: open source communities or commodities?: Reprinted with permission from Daniel Pocock
Links 06/11/2025: "Component Abuse Challenge", Google Play Store Deemed Too Monopolistic: Links for the day
Microsoft and Microsoft GitHub (and Rust @ Microsoft GitHub) the Future of Ubuntu, They Want the Same for Debian: Ubuntu is not the place to find freedom
Richard Stallman Was Right About LLM-based Chatbots: the passing fad, LLM-based chatbots
IBM Has Not Been Good for IBM's Red Hat (Which Microsoft Also Attempted to Buy): GAFAM or GIAFAM are not a force for good
Taking Back Control Over Technology We Purchase (Study, Modify, Enhance, and More): "The war on general-purpose computing continues
Links 06/11/2025: EFF Wants New Executive Director, Microsoft's Azure Falls Over Again: Links for the day
All Set for Tomorrow: Techrights waves
The Corporate Media Carries on With Patently Phony and Misleading Narrative About IBM's Mass Layoffs: Instead of rightly alleging business failure or commercial (leadership's) weakness it is offloading blame to some mindless buzzwords
IBM Isn't Hiring Based on Age Groups. It Still Hires Based on Salary Expectations.: It is not about the skills available, it's about the expected cost of labour
Estimating the Scale of IBM's Mass Layoffs This Week: there is no denying that the IBM layoffs are vast
Telling Our Story as Victims of Online Abuse: This post will not mention any names
Claim That EPO Quotas Brought Corruption and Mischief to Europe's Second-Largest Institution: Nowadays corruption is the norm at the EPO and there is even rampant substance abuse among the people who run the Office
Rust's "Memory Safety" Talking Point Ought to be Discarded in Light of Fil-C: new memory-safe C/C++ compiler
Claim That IBM Has Another 8 Days to Lay Off 'Expensive' Staff: The consensus in comments we see is, IBM is a terrible place to work in, treatment of its workers is appalling, it's utterly foolish to relocate in an effort to retain a job at IBM, and it's foolish to join the company in the first place
Science Demands Facts, Not Dogma: Saying that restricted hardware is not secure hardware should be common sense
Site Anniversary is Tomorrow: The celebrations might delay our EPO series somewhat
Launching Techrights Search: New search interface and locally hosted back end
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 05, 2025: IRC logs for Wednesday, November 05, 2025