Lucene search

K

Snapdragon Mobile, Small Cell SoC Security Vulnerabilities

rapid7blog
rapid7blog

Metasploit Weekly Wrap-Up 06/21/2024

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module...

9.8CVSS

8.9AI Score

0.96EPSS

2024-06-21 06:53 PM
2
nvd
nvd

CVE-2024-38623

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs...

EPSS

2024-06-21 11:15 AM
1
cve
cve

CVE-2024-38623

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs...

6.7AI Score

EPSS

2024-06-21 11:15 AM
2
thn
thn

How to Use Tines's SOC Automation Capability Matrix

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A...

7AI Score

2024-06-21 11:00 AM
26
cvelist
cvelist

CVE-2024-38623 fs/ntfs3: Use variable length array instead of fixed size

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs...

EPSS

2024-06-21 10:18 AM
1
cve
cve

CVE-2024-2003

Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-06-21 08:15 AM
1
malwarebytes
malwarebytes

Was T-Mobile compromised by a zero-day in Jira?

A moderator of the notorious data breach trading platform BreachForums is offering data for sale they claim comes from a data breach at T-Mobile. The moderator, going by the name of IntelBroker, describes the data as containing source code, SQL files, images, Terraform data, t-mobile.com...

10CVSS

8.2AI Score

0.001EPSS

2024-06-21 07:34 AM
4
pentestpartners
pentestpartners

Dodgy disks. My 32TB SSD Adventure

TL;DR "Hard drive” had reflashed firmware to make it look larger Buyer beware: Cheap storage may not be the value you think it is Background Earlier this year I found myself in need of various cheap electronic components. So naturally I turned to AliExpress. I came across a listing for a cheap...

7.5AI Score

2024-06-21 05:11 AM
redhatcve
redhatcve

CVE-2024-38541

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will....

7.5AI Score

0.0004EPSS

2024-06-20 05:57 PM
2
redhatcve
redhatcve

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently.....

7.2AI Score

0.0004EPSS

2024-06-20 03:29 PM
2
redhatcve
redhatcve

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes....

7.1AI Score

0.0004EPSS

2024-06-20 03:27 PM
2
github
github

Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in...

8.5AI Score

2024-06-20 03:00 PM
2
redhatcve
redhatcve

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

6.8AI Score

0.0004EPSS

2024-06-20 02:56 PM
2
redhatcve
redhatcve

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

7.1AI Score

0.0004EPSS

2024-06-20 02:55 PM
1
thn
thn

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been...

7.5CVSS

7.9AI Score

0.0004EPSS

2024-06-20 02:22 PM
13
redhatcve
redhatcve

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

6.9AI Score

0.0004EPSS

2024-06-20 02:01 PM
1
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

10CVSS

9.3AI Score

EPSS

2024-06-20 01:40 PM
2
openbugbounty
openbugbounty

mobile.060608.it Cross Site Scripting vulnerability OBB-3936870

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-20 10:45 AM
thn
thn

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal...

9.1CVSS

7.4AI Score

0.975EPSS

2024-06-20 10:22 AM
7
ubuntucve
ubuntucve

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently.....

7.3AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes....

7.2AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

7AI Score

0.0004EPSS

2024-06-20 12:00 AM
ubuntucve
ubuntucve

CVE-2024-38541

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will....

7.5AI Score

0.0004EPSS

2024-06-20 12:00 AM
thn
thn

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw

Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly....

7.1AI Score

2024-06-19 04:40 PM
10
cve
cve

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

6.5AI Score

0.0004EPSS

2024-06-19 02:15 PM
8
nvd
nvd

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

0.0004EPSS

2024-06-19 02:15 PM
debiancve
debiancve

CVE-2024-38618

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead...

7AI Score

0.0004EPSS

2024-06-19 02:15 PM
1
nvd
nvd

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

6.4AI Score

0.0004EPSS

2024-06-19 02:15 PM
8
debiancve
debiancve

CVE-2024-38601

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

6.9AI Score

0.0004EPSS

2024-06-19 02:15 PM
debiancve
debiancve

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

7.2AI Score

0.0004EPSS

2024-06-19 02:15 PM
nvd
nvd

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

6.7AI Score

0.0004EPSS

2024-06-19 02:15 PM
9
nvd
nvd

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently.....

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently.....

6.8AI Score

0.0004EPSS

2024-06-19 02:15 PM
7
debiancve
debiancve

CVE-2024-38586

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer,...

7.3AI Score

0.0004EPSS

2024-06-19 02:15 PM
debiancve
debiancve

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3...

7.2AI Score

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes....

6.7AI Score

0.0004EPSS

2024-06-19 02:15 PM
7
nvd
nvd

CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes....

0.0004EPSS

2024-06-19 02:15 PM
nvd
nvd

CVE-2024-38541

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will....

0.0004EPSS

2024-06-19 02:15 PM
2
debiancve
debiancve

CVE-2024-38541

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially)...

7.5AI Score

0.0004EPSS

2024-06-19 02:15 PM
cve
cve

CVE-2024-38541

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will....

7AI Score

0.0004EPSS

2024-06-19 02:15 PM
9
cvelist
cvelist

CVE-2024-38618 ALSA: timer: Set lower bound of start tick time

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

0.0004EPSS

2024-06-19 01:56 PM
1
vulnrichment
vulnrichment

CVE-2024-38618 ALSA: timer: Set lower bound of start tick time

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to...

6.8AI Score

0.0004EPSS

2024-06-19 01:56 PM
cvelist
cvelist

CVE-2024-38601 ring-buffer: Fix a race between readers and resize checks

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. Following th...

0.0004EPSS

2024-06-19 01:48 PM
2
vulnrichment
vulnrichment

CVE-2024-38592 drm/mediatek: Init `ddp_comp` with devm_kcalloc()

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

7AI Score

0.0004EPSS

2024-06-19 01:45 PM
cvelist
cvelist

CVE-2024-38592 drm/mediatek: Init `ddp_comp` with devm_kcalloc()

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot in the ddp_comp array but mtk_drm_crtc_create() never seemed to initialize it in the test case I ran. For me, this...

0.0004EPSS

2024-06-19 01:45 PM
1
cvelist
cvelist

CVE-2024-38586 r8169: Fix possible ring buffer corruption on fragmented Tx packets.

In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently.....

0.0004EPSS

2024-06-19 01:37 PM
Total number of security vulnerabilities64201