
1998 matches found

The Hacker News
added 2024/11/15 11:48 a.m. · 6 views

Live Webinar: Dive Deep into Crypto Agility and Certificate Management

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the...

7.1 AI score
Exploits: 0
Github Security Blog
added 2024/11/13 9:30 p.m. · 17 views

Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin

Jenkins Pipeline: Declarative Plugin 2.2214.vbb34b2ea9b83 and earlier does not check whether the main Jenkinsfile script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose Jenkinsfile script is no longer...

8 CVSS · 6.8 AI score · 0.00549 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
UbuntuCve
added 2024/11/13 3:15 p.m. · 9 views

CVE-2024-49504

grub2 allowed attackers with access to the grub shell to access files on the encrypted disks...

7 CVSS · 7.2 AI score · 0.00091 EPSS
Exploits: 0 · References: 1
Tenable Nessus
added 2024/11/13 12:0 a.m. · 7 views

FreeBSD : FreeBSD -- Certificate revocation list fetch(1) option fails (ce0f52e1-a174-11ef-9a62-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ce0f52e1-a174-11ef-9a62-002590c1f29c advisory. The fetch(3) library uses environment variables for passing certain information, including the revocation...

7.5 CVSS · 5.6 AI score · 0.00226 EPSS
Exploits: 0 · References: 2
NVD
added 2024/11/12 3:15 p.m. · 11 views

CVE-2024-45289

The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a...

7.5 CVSS · 0.00226 EPSS
Exploits: 0 · References: 2
Vulnrichment
added 2024/11/12 3:6 p.m. · 8 views

CVE-2024-45289 Unbounded allocation in ctl(4) CAM Target Layer

The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a...

7.1 AI score · 0.00226 EPSS
Exploits: 0 · References: 1
CVE
added 2024/11/12 3:6 p.m. · 49 views

CVE-2024-45289

CVE-2024-45289 affects FreeBSD: the fetch(3) library uses environment variables to pass info, including the revocation file pathname, but the fetch(1) option name was incorrect and effectively ignored the option. As a result, FreeBSD could connect to a host presenting a certificate listed in the ...

7.5 CVSS · 7.5 AI score · 0.00226 EPSS
Exploits: 0 · References: 2
Cvelist
added 2024/11/12 3:6 p.m. · 15 views

CVE-2024-45289 Unbounded allocation in ctl(4) CAM Target Layer

The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a...

0.00226 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2024/11/12 9:11 a.m. · 1 views

kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers

A use-after-free was found in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...

7.8 CVSS · 6.9 AI score · 0.00015 EPSS
Exploits: 0 · References: 5
Pen Test Partners Blog
added 2024/11/08 6:17 a.m. · 17 views

BEC-ware the Phish (part 2): Respond and Remediate Incidents in M365

TL;DR Ensure you can reliably take initial containment actions such as disabling accounts, resetting passwords, and revoking tokens. Token binding ensures that a token only works on the specific device the token was issued and is currently the best protection against token theft. As a minimum...

7.3 AI score
Exploits: 0
OSV
added 2024/11/05 6:15 p.m. · 0 views

UBUNTU-CVE-2024-50106

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has expired and needs to be...

7.8 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits: 0 · References: 8
Cvelist
added 2024/11/05 5:10 p.m. · 19 views

CVE-2024-50106 nfsd: fix race between laundromat and free_stateid

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has expired and needs to be...

0.00013 EPSS
Exploits: 0 · References: 2
CVE
added 2024/11/05 5:10 p.m. · 164 views

CVE-2024-50106

The CVE-2024-50106 entry concerns the Linux kernel (nfsd) and describes a race between laundromat handling revoked delegations and a client issuing free_stateid, which can lead to a use-after-free of a delegation stateid if a new open finds a non-empty lease list and dereferences a freed stateid....

7.8 CVSS · 6.2 AI score · 0.00013 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
Vulnrichment
added 2024/11/05 5:10 p.m. · 10 views

CVE-2024-50106 nfsd: fix race between laundromat and free_stateid

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has expired and needs to be...

6.2 AI score · 0.00013 EPSS
Exploits: 0 · References: 2
RedHat Linux
added 2024/11/05 1:22 a.m. · 2 views

kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers

A use-after-free was found in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...

7.8 CVSS · 6.9 AI score · 0.00015 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2024/11/05 12:54 a.m. · 4 views

kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers

A use-after-free was found in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...

7.8 CVSS · 6.9 AI score · 0.00015 EPSS
Exploits: 0 · References: 5
Tenable Nessus
added 2024/11/05 12:0 a.m. · 8 views

RHEL 5 : Red Hat Certificate System 8 (RHSA-2017:2560)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2560 advisory. Red Hat Certificate System is a complete implementation of an enterprise software system designed to manage enterprise public key infrastructure PKI...

6.5 CVSS · 5.9 AI score · 0.0033 EPSS
Exploits: 0 · References: 5
BDU FSTEC
added 2024/11/01 12:0 a.m. · 1 views

The vulnerability of the X509_V_FLAG_CRL_CHECK component in the OpenSSL cryptographic library allows an attacker to trigger a service failure.

The vulnerability of the X509_V_FLAG_CRL_CHECK component in the OpenSSL cryptographic library is related to reading data beyond the memory boundaries. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

6.8 CVSS · 7 AI score · 0.00495 EPSS
Exploits: 0 · References: 7 · Affected Software: 4
Positive Technologies
added 2024/10/29 12:0 a.m. · 3 views

PT-2024-31541 · Fetch +1 · Fetch +1

Name of the Vulnerable Software and Affected Versions: fetch versions affected versions not specified Description: The issue arises from the fetch(3) library's use of environment variables to pass information, including the revocation file pathname. However, the environment variable name used by...

7.5 CVSS · 6.9 AI score · 0.00226 EPSS
Exploits: 0 · References: 8
FreeBSD
added 2024/10/29 12:0 a.m. · 11 views

FreeBSD -- Certificate revocation list fetch(1) option fails

Problem Description: The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Impact: Fetch would still...

7.5 CVSS · 7 AI score · 0.00226 EPSS
Exploits: 0