1822 matches found

Carbon Black Blog
added 2019/06/18 3:21 p.m., 160 views

Boosting Your Linux & Docker Security with CB LiveOps

Today we’re excited to announce Linux support for CB LiveOps, Carbon Black’s real-time endpoint query & remediation solution that helps security teams audit and change the state of their systems. This release expands the product’s footprint to cover all major operating systems, including Amazon...

7.1 AI score
Exploits: 0

Packet Storm
added 2019/04/29 12:0 a.m., 67 views

Linux Missing Lockdown

Linux: missing locking between ELF coredump code and userfaultfd VMA modification Related CVE Numbers: CVE-2019-11599. elfcoredump has a comment back from something like 2.5.43-C3 that says: / We no longer stop all VM operations. This is because those proceses that could possibly change mapcount ...

0.3 AI score, 0.00989 EPSS
Exploits: 3

RedHat Linux
added 2019/04/09 1:46 p.m., 240 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8 CVSS, 6.5 AI score, 0.01018 EPSS
Exploits: 2, References: 2

ossfuzz
added 2019/03/31 11:14 p.m., 23 views

lzma/7z_fuzzer: Use-of-uninitialized-value in CrcUpdateT8

Detailed report: https://oss-fuzz.com/testcase?key=5695345578737664 Project: lzma Fuzzer: libFuzzerlzma7zfuzzer Fuzz target binary: 7zfuzzer Job Type: libfuzzermsanlzma Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: CrcUpdateT8 CrcCalc SzArExExtract Sanitize...

6.8 AI score
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2019/03/28 12:0 a.m., 73 views

GLSA-201903-18 : GD: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201903-18 GD: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GD. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to process a specially...

9.8 CVSS, 7.7 AI score, 0.65116 EPSS
Exploits: 8, References: 5

OSV
added 2019/03/14 12:0 a.m., 53 views

DLA-1715-1 linux-4.9 - security update

Bulletin has no description...

7.8 CVSS, 7.9 AI score, 0.60631 EPSS
Exploits: 11

OSV
added 2019/02/19 5:29 p.m., 5 views

CVE-2019-5774

Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file...

8.8 CVSS, 9.1 AI score
Exploits: 0, References: 7

Tenable Nessus
added 2019/02/07 12:0 a.m., 56 views

Photon OS 1.0: Linux PHSA-2018-1.0-0135

An update of the linux package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0135. The text itself is copyright (C) VMware, Inc. include'compat.inc'; if description scriptid121841...

5.5 CVSS, 7 AI score, 0.00496 EPSS
Exploits: 0, References: 5

ArchLinux
added 2019/01/24 12:0 a.m., 38 views

[ASA-201901-15] haproxy: denial of service

Arch Linux Security Advisory ASA-201901-15 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2018-20102 CVE-2018-20103 Package : haproxy Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-836 Summary ======= The package haproxy...

7.5 CVSS, 2.1 AI score, 0.06593 EPSS
Exploits: 0, References: 7

OPENSUSE Linux
added 2018/12/15 12:8 a.m., 158 views

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.165-81.1 to receive various bugfixes. The following non-security bugs were fixed: - 9p locks: fix glock.clientid leak in dolock bnc1012382. - 9p: clear dangling pointers in p9statfree bnc1012382. - ACPI / LPSS: Add alternative ACPI HIDs for Cherry...

7.5 AI score
Exploits: 0, References: 35

Virtuozzo
added 2018/12/12 12:0 a.m., 49 views

Important kernel security update: New kernel 2.6.32-042stab134.8 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab134.8 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.6.3.el6. The new kernel introduces a security and stability fix. Vulnerability id: CVE-2018-9568 Memory corruption due to incorrect socke...

7.8 CVSS, 3.6 AI score, 0.00715 EPSS
Exploits: 0, References: 1

The Hacker News
added 2018/12/06 4:3 p.m., 2 views

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...

9 CVSS, 7.5 AI score, 0.11483 EPSS
Exploits: 1

Tenable Nessus
added 2018/12/04 12:0 a.m., 39 views

RHEL 7 : Red Hat OpenShift Container Platform (RHSA-2018:0475)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0475 advisory. - kubernetes: Volume security can be sidestepped with innocent emptyDir and subpath CVE-2017-1002101 - kubernetes: Malicious containers can...

9.6 CVSS, 7.4 AI score, 0.11586 EPSS
Exploits: 2, References: 7

Carbon Black Blog
added 2018/11/29 6:0 p.m., 71 views

Discovering Design Principles

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the CB Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

7.2 AI score
Exploits: 0

Carbon Black Blog
added 2018/11/27 6:0 p.m., 93 views

Building Better Evaluation Criteria for Linux Security

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

7 AI score
Exploits: 0

Carbon Black Blog
added 2018/11/20 6:0 p.m., 63 views

Flaws in Evaluating Security Tools for Linux

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

7 AI score
Exploits: 0

Carbon Black Blog
added 2018/11/15 6:0 p.m., 95 views

Re-designing Linux Security: Do No Harm – Introduction

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

6.8 AI score
Exploits: 0

Virtuozzo
added 2018/11/05 12:0 a.m., 14 views

Virtuozzo Linux Errata and Security Advisory 2018:3406 Critical

Upstream security update. Follow RHSA-2018:3406 for details...

2.1 AI score
Exploits: 0

Tenable Nessus
added 2018/10/31 12:0 a.m., 35 views

GLSA-201810-10 : systemd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201810-10 systemd: Multiple vulnerabilities Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary code, caus...

8.8 CVSS, 7 AI score, 0.02279 EPSS
Exploits: 8, References: 4

0day.today
added 2018/10/08 12:0 a.m., 61 views

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Title: Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes Author: Kartik Durg Shellcode Length: 104 BYTES Student-ID: SLAE-1233 Write-up Link: https://iamroot.blog/2018/10/02/0x4-rot13xorencodermmxdecodershellcode-linux-x86/ Tested on: Ubuntu 16.0.4.1 i686...

7.4 AI score
Exploits: 0