Ubuntu 18.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-5862-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5862-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5854-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5854-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process. "The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying...

Infection and Evolution of the GOOTLOADER Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GOOTLOADER malware infects via malicious archive download, executing JavaScript and PowerShell, delivering FONELAUNCH, Cobalt Strike BEACON/SNOWCONE, with the latest variant writing JavaScript to disk an...

Multiple combinations of token0/token1 for a given liquidity exist to satisfies the custom variant of AMM pool. A naive LP or Power token holder can transfer more token0/token1 then necessary when minting & burning respectively

Lines of code Vulnerability details Impact LP's need to provide a combination of token0 / token 1 for a given liquidity that satisfied a custom variant that satisfies 2 conditions 1. scale1 = c + d where a, b, c, d are functions of token0/ token1 , liquidity and upper bound The relationship betwe...

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Window...

Upgraded Q -> M from #598 [1674741121008]

Judge has assessed an item in Issue 598 as M risk. The relevant finding follows: Low: 1.deposit check wrong variant function deposituint256 assets, address receiver public virtual returns uint256 shares requireshares minDepositAmount, "VALUETOOSMALL"; requireassets minDepositAmount,...

New BOLDMOVE Backdoor uses FortiOS vulnerability for initial access

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A suspected China-nexus campaign has exploited a vulnerability in Fortinets FortiOS SSL-VPN, known as CVE-2022-42475. The exploitation was believed to have occurred as early as October 2022 and the targe...

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency CIA's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive...

DEBIAN-CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...

Dridex Returns, Targets MacOS Using New Entry Method

The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:4616-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4616-1 advisory. - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculati...

Agenda ransomware made its return with a Rust variant

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In addition to BlackCat, Hive, Luna, and RansomExx, Agenda is the latest ransomware strain to use the cross-platform programming language Rust. Ransomware-as-a-service RaaS group Agenda, attributed to an...

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx. Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service RaaS group that...

Segfault in `CompositeTensorVariantToComponents` in Tensorflow

...

GHSA-RJX6-V474-2CH9 Segfault in `CompositeTensorVariantToComponents`

Impact An input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. python import tensorflow as tf encode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2 meta= ""...

CVE-2022-30257

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when an input encoded is not a valid CompositeTensorVariant tensor. This will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. Details Denial of Service DoS describes a family of attacks, all aim...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...

AZL-11543 CVE-2022-41909 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. An input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. We have patched the issue in GitHub commits bf594d08d377dc6a3354d9fdb494b32d45f91971 and...