4th Gen AMD EPYC™ Processors Security Vulnerabilities

linux-oem-6.1 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash)....

Unbreakable Enterprise kernel security update

[5.15.0-204.147.6.2] - smb3: Replace smb2pdu 1-element arrays with flex-arrays (Kees Cook) [Orabug: 36353543] - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Shradha Gupta) [Orabug: 36358874] - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6688-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6688-1 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them...

Linux kernel (OEM) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-oem-6.1 - Linux kernel for OEM systems Details Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker...

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux-bluefield - Linux kernel for NVIDIA BlueField platforms linux-raspi-5.4 - Linux kernel for Raspberry Pi systems linux-xilinx-zynqmp - Linux kernel for Xilinx ZynqMP processors Details Wenqing Liu discovered that the f2fs file system...

Update now! JetBrains TeamCity vulnerability abused at scale

JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server.....

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle Jan 2024 Critical Patch Update. Vulnerability Details ** CVEID: CVE-2024-20918 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high confidentiality...

openSUSE: Security Advisory for the Linux (SUSE-SU-2023:0488-1)

The remote host is missing an update for...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2024

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8* that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to February 2024. IBM 8 SR8 FP20 (1.8.0_401). Vulnerability Details ** CVEID: CVE-2023-22067 ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle July 2023...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-20952 ...

Security Bulletin: IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. (CVE-2023-47152)

Summary IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. Vulnerability Details ** CVEID: CVE-2023-47152 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to an...

CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

A New Way To Manage Your Web Exposure: The Reflectiz Product Explained

An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks. [Reflectiz shields websites from client-side attacks, supply chain risks, data breaches, privacy violations,...

CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

CVE-2023-52585 drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

CVE-2023-52585 drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183...

Linux kernel vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Packages linux - Linux kernel linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems linux-gcp-6.5 - Linux kernel for Google Cloud Platform (GCP) systems linux-laptop - Linux kernel for Lenovo X13s ARM laptops linux-lowlatency - Linux low...

The Dark Side of Innovation: Cybercriminals and Their Adoption of GenAI

The Dark Side of Innovation: Cybercriminals and Their Adoption of GenAI By Jambul Tologonov and John Fokker · March 06, 2024 In the ever-evolving threat landscape, the Trellix Advanced Research Center has been at the forefront of understanding and combating the dual-edged sword of Generative...

Badgerboard: A PLC backplane network visibility module

Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over the years with tools like Snort...

Internet Bug Bounty: CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

TL;DR CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() Details: django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a...

(RHSA-2024:1112) Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329) hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine...

Apple Security Update: iOS 15.8.2 and iPadOS 15.8.2

Apple recommends to install security update iOS 15.8.2 and iPadOS 15.8.2 on devices iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th...

Stable Channel Update for ChromeOS / ChromeOS Flex

The Stable channel is being updated to 122.0.6045.214 (Platform version: 15753.38.0) for most ChromeOS devices and will be rolled out over the coming days. This build contains a number of bug fixes and security updates. If you find new issues, please let us know one of the following ways: File a...

CentOS: Security Advisory for iwl1000-firmware (CESA-2023:7513)

The remote host is missing an update for...

RHEL 8 : linux-firmware (RHSA-2024:1112)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1112 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Race condition

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6241 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Security Bulletin: IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-24998 DESCRIPTION: **Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request...

CVE-2023-6143

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6143

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

Race condition

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

CVE-2023-6143 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3683-2)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0774-1)

The remote host is missing an update for...

openSUSE: Security Advisory for xen (SUSE-SU-2023:4475-1)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3704-2)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3704-1)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:2871-1)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3182-1)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2022:2424-2)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3680-1)

The remote host is missing an update for...

openSUSE: Security Advisory for kernel (SUSE-SU-2023:3298-1)

The remote host is missing an update for...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:4057-1)

The remote host is missing an update for...