Good & Bad Comments Security Vulnerabilities

Are Your SaaS Backups as Secure as Your Production Data?

Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could...

CVE-2023-52811

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON,.....

CVE-2023-52771

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL topology. Each port.....

CVE-2021-47492

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

Personal AI Assistants and Privacy

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall...

How AI will change your credit card behind the scenes

Many companies are starting to implement Artificial Intelligence (AI) within their services. Whenever there are large amounts of data involved, AI offers a way to turn that pile of data into actionable insights. And there's a big chance that our data are somewhere in that pile, whether they can be....

gstreamer1-plugins-bad-free security update

[1.16.1-4.0.1] - Update origin URL [Orabug: 36209826] [1.16.1-4] - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser - Resolves: RHEL-19500, RHEL-19504, RHEL-19507 [1.16.1-3] - Bump to avoid conflict with.....

libssh security update

[0.9.6-14] - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP) - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...

RHEL 8 : gstreamer1-plugins-bad-free (RHSA-2024:3060)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3060 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

RHEL 8 : go-toolset:rhel8 (RHSA-2024:3259)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3259 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang:...

RHEL 8 : container-tools:rhel8 (RHSA-2024:2988)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2988 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): *...

kernel security, bug fix, and enhancement update

[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...

RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2024:3352)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3352 advisory. A highly-available key value store for shared configuration Security Fix(es): * Incomplete fix for CVE-2023-39325/CVE-2023-44487 in...

Silverstripe admin XSS Vulnerability via WYSIWYG editor

It is possible for a bad actor with access to the CMS to make use of onmouseover or onmouseout attributes in the WYSIWYG editor to embed malicious...

Silverstripe admin XSS Vulnerability via WYSIWYG editor

It is possible for a bad actor with access to the CMS to make use of onmouseover or onmouseout attributes in the WYSIWYG editor to embed malicious...

CVE-2021-47337

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform host cleanup with...

CVE-2021-47369

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix NULL deref in qeth_clear_working_pool_list() When qeth_set_online() calls qeth_clear_working_pool_list() to roll back after an error exit from qeth_hardsetup_card(), we are at risk of accessing card->qdio.in_q...

(RHSA-2024:3259) Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) golang: net/http/cookiejar: incorrect forwarding of sensitive headers...

CVE-2021-47393

In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to be at 100% speed,...

CVE-2021-47492

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

CVE-2021-47492

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not...

CVE-2021-47492

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

Microsoft AI “Recall” feature records everything, secures far less

Developing an AI-powered threat to security, privacy, and identity is certainly a choice, but it's one that Microsoft was willing to make this week at its “Build” developer conference. On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology.....

CVE-2021-47492 mm, thp: bail out early in collapse_file for writeback page

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

CVE-2021-47492 mm, thp: bail out early in collapse_file for writeback page

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

(RHSA-2024:3060) Moderate: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...

(RHSA-2024:2988) Moderate: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): urllib3: urllib3 does not remove the authorization HTTP header when following a cross-origin redirect (CVE-2018-25091) golang: math/big.Rat: may cause a panic or...

CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

CVE-2021-47492

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapse_file for writeback page Currently collapse_file does not explicitly check PG_writeback, instead, page_has_private and try_to_release_page are used to filter writeback pages. This does not work...

Moderate: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) golang: net/http/cookiejar: incorrect forwarding of sensitive headers and...

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) golang: net/http/cookiejar: incorrect forwarding of sensitive headers and...

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

Moderate: gstreamer1-plugins-bad-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with...

CentOS 8 : gstreamer1-plugins-bad-free (CESA-2024:3060)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3060 advisory. GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...

Fedora 40 : kernel (2024-92664ae6fe)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-92664ae6fe advisory. Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may...

How to remove a user from a shared Android device

Some of our loyal readers may remember my little mishap when I was able to track my wife by accident after inadvertently adding myself to her phone as a user. For exactly that reason we want to warn against sharing devices and at least show you how to remove other people’s accounts from your...

CVE-2023-52811

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON,.....

CVE-2023-52811

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a...

CVE-2023-52811

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON,.....

CVE-2023-52793

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: syscall_tp_user: Fix array out-of-bound access Commit 06744f24696e ("samples/bpf: Add openat2() enter/exit tracepoint to syscall_tp sample") added two more eBPF programs to support the openat2() syscall. However, it...

CVE-2023-52771

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL topology. Each port.....

CVE-2023-52771

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL topology. Each port.....

CVE-2023-52771

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL topology. Each port.....

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca ...

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca ...