CVE-2023-52889 apparmor: Fix null pointer deref when receiving skb during sock creation

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...

Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware

Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass...

CVE-2024-42472

CVE-2024-42472 affects Flatpak before 1.14.0/1.15.10 and allows a malicious or compromised Flatpak app using persistent directories to access or write files outside the sandbox. The root cause is a symlink-following issue when mounting persistent (persist) directories, causing the bind mount to f...

CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

CVE-2024-24973

Improper input validation for some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-23495

Incorrect default permissions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-23495

Incorrect default permissions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-23491

Uncontrolled search path in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-23495

Incorrect default permissions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-24973

Improper input validation for some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-24973

Improper input validation for some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-23495

The CVE-2024-23495 entry concerns Intel(R) Distribution for GDB software with an on-disk permission issue: incorrect default permissions in versions before 2024.0.1 may permit an authenticated user to escalate privileges via local access. Affected component: Intel Distribution for GDB (intel-gdb)...

CVE-2024-24973

CVE-2024-24973 describes improper input validation in Intel® Distribution for GDB prior to 2024.0.1, which may permit an authenticated user to cause a local denial-of-service. The vulnerability affects Intel Distribution for GDB software before 2024.0.1 (and is echoed in related Intel advisories)...

CVE-2024-25562

Improper buffer restrictions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-23491

Uncontrolled search path in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-25562

Intel Distribution for GDB software contains a vulnerability (CVE-2024-25562) due to improper buffer restrictions in versions before 2024.0.1. An authenticated user could potentially cause a denial of service via local access. The issue affects Intel Distribution for GDB prior to 2024.0.1, and In...

CVE-2024-25562

Improper buffer restrictions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-23491

Uncontrolled search path in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-23491

CVE-2024-23491 refers to an uncontrolled search path in Intel® Distribution for GDB software prior to 2024.0.1, potentially allowing an authenticated user with local access to escalate privileges. Intel’s advisory (INTEL-SA-01075) and related Red Hat/NVD references confirm the affected product: I...