HTTP Fetch, Reverse TCP Stager

Fetch and execute an AARCH64 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/http/aarch64/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...

UBUNTU-CVE-2024-57885

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "sleeping function called from invalid context" warning when /sys/kernel/debug/kmemleak is printed under...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An incorrect memory address protection vulnerability exists in the Huawei HarmonyOS HUKS module, which can be exploited by an attacker to cause availability ...

USN-7159-5 linux-raspi-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7159-5)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7159-5 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7159-4 linux-iot vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-7159-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7159-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7159-3 linux-bluefield, linux-oracle, linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

USN-7159-2: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (AWS) vulnerabilities (USN-7159-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7159-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7159-1 linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7159-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7159-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

CVE-2024-50341

CVE-2024-50341 affects Symfony’s security-bundle. The custom user_checker on a firewall wasn’t invoked when logging in programmatically via Security::login, enabling unwanted logins. The issue is addressed in Symfony/security-bundle upgrades: versions 6.4.10, 7.0.10 and 7.1.3 now call the configu...

SUSE CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

UBUNTU-CVE-2024-47740

In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODEWRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inodeownerorcapable, but this does not give LSMs like SELinux or Landlock an opportunity to deny the write acces...

DEBIAN-CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

UBUNTU-CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a bpf, lsm subsystem BPF LSM return value checking issue...

CVE-2024-47659

In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. So, 1...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7029-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7029-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...