Good & Bad Comments Security Vulnerabilities

openSUSE: Security Advisory for postfix (SUSE-SU-2023:3394-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:3220-1)

The remote host is missing an update for...

openSUSE: Security Advisory for frr (SUSE-SU-2023:3709-1)

The remote host is missing an update for...

CVE-2021-47100

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko, the system crashed. The log as follows: [ 141.087026] BUG: unable to handle kernel paging....

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nextcloud (openSUSE-SU-2023:0171-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (openSUSE-SU-2023:0379-1)

The remote host is missing an update for...

openSUSE: Security Advisory for bind (SUSE-SU-2024:0590-1)

The remote host is missing an update for...

openSUSE: Security Advisory for bind (SUSE-SU-2024:0574-1)

The remote host is missing an update for...

openSUSE: Security Advisory for nextcloud (openSUSE-SU-2023:0090-1)

The remote host is missing an update for...

Employee Management System 1.0-2024 SQL Injection

...

openSUSE: Security Advisory for yt (openSUSE-SU-2023:0374-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4875-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4594-1)

The remote host is missing an update for...

openSUSE: Security Advisory for exim (openSUSE-SU-2024:0007-1)

The remote host is missing an update for...

openSUSE: Security Advisory for dwarves and elfutils (SUSE-SU-2022:2614-2)

The remote host is missing an update for...

openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0269-1)

The remote host is missing an update for...

openSUSE: Security Advisory for upx (openSUSE-SU-2023:0031-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4360-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4361-1)

The remote host is missing an update for...

Fedora 38 : bind / bind-dyndb-ldap (2024-fae88b73eb)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-fae88b73eb advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4943-1)

The remote host is missing an update for...

openSUSE: Security Advisory for samba (SUSE-SU-2023:0160-1)

The remote host is missing an update for...

openSUSE: Security Advisory for samba (SUSE-SU-2023:0222-1)

The remote host is missing an update for...

openSUSE: Security Advisory for trivy (openSUSE-SU-2022:10081-1)

The remote host is missing an update for...

openSUSE: Security Advisory for lighttpd (openSUSE-SU-2022:10140-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2023:4271-1)

The remote host is missing an update for...

openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0257-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (openSUSE-SU-2023:0409-1)

The remote host is missing an update for...

openSUSE: Security Advisory for frr (SUSE-SU-2023:3762-1)

The remote host is missing an update for...

openSUSE: Security Advisory for gstreamer (SUSE-SU-2024:0005-1)

The remote host is missing an update for...

Kali Linux 2024.1 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2024.1. This release has various impressive updates. The summary of the changelog since the 2023.4 release from December is: Micro Mirror Free Software CDN - FCIX Software Mirror reached out offering to host our images, and we said yes 2024 Theme...

CVE-2023-52530

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52530

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52530

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52530 wifi: mac80211: fix potential key use-after-free

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52530 wifi: mac80211: fix potential key use-after-free

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

CVE-2023-52499 powerpc/47x: Fix 47x syscall return crash

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

CVE-2023-52499 powerpc/47x: Fix 47x syscall return crash

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

CVE-2023-52530

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 due to KRACK protection (identical key reinstall), ieee80211_gtk_rekey_add() will still return a...

Fedora: Security Advisory for gifsicle (FEDORA-2024-5e50570506)

The remote host is missing an update for...

Fedora: Security Advisory for gifsicle (FEDORA-2024-4672c1ff2d)

The remote host is missing an update for...

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0) BUG: Unable to handle kernel...

4 Instructive Postmortems on Data Downtime and Loss

More than a decade ago, the concept of the 'blameless' postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: "One.....

CVE-2021-47055

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...