Ubuntu: Security Advisory (USN-3655-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ZipSlip Symlink variant allows to read any file within OctoPrint Box

Using the ZipSlip symlink variant, it is possible to steal any file from the OctoPrint remote server via an upload of a maliciously crafted archive as a language pack and download the stolen files within a backup archive. To set up the Octoprint web application, we used the dockerized version bas...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-019)

The version of kernel installed on the remote host is prior to 5.10.135-122.509. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-019 advisory. - Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9710)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9710 advisory. - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34480880 CVE-2022-2588 - arm64: proton-pack: provide...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9709)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9709 advisory. - netsched: clsroute: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34480880 CVE-2022-2588 - arm64: proton-pack: provide...

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-5564-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5564-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5565-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5565-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a rout...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.58 and fixes at least the following security issues: Kernel lockdown bypass when UEFI secure boot is disabled / unavailable and IMA appraisal is enabled CVE-2022-21505. Aliases in the branch predictor may cause some AMD processors to predict the...

SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant

This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of...

F5 Networks BIG-IP : RetBleed CPU vulnerability (K83713003)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83713003 advisory. - Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2549-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2549-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2478-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2478-1 advisory. - The usbserialconsoledisconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denia...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2423-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2411-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2411-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage...

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2424-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2424-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - An...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2422-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2422-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

Several New Play Store Apps Spotted Distributing Joker, Facestealer and Coper Malware — The Hacker News

Google has taken steps to ax dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace. While the Android storefront is considered to be a trusted source for discovering and installing apps,...

Arbitrary Code Execution

xen is vulnerable to Arbitrary Code Execution. The vulnerability exists in Spectre variant under certain microarchitecture-dependent conditions which allows an attacker to inject and execute arbitrary speculative codes...