[SECURITY] Fedora 38 Update: rear-2.7-8.fc38

Relax-and-Recover is the leading Open Source disaster recovery and system migration solution. It comprises of a modular frame-work and ready-to-go workflows for many common situations to produce a bootable image and restore from backup using this image. As a benefit, it allows to restore to...

[SECURITY] Fedora 39 Update: rear-2.7-8.fc39

Relax-and-Recover is the leading Open Source disaster recovery and system migration solution. It comprises of a modular frame-work and ready-to-go workflows for many common situations to produce a bootable image and restore from backup using this image. As a benefit, it allows to restore to...

Anonymous leaks more EPIK host data; ‘larger than previous leak’

By Waqas According to Anonymous, the EPIK data leak involves bootable disk images, API tokens, over 500,000 private keys, etc. all in plain-text format. This is a post from HackRead.com Read the original post: Anonymous leaks more EPIK host data; larger than previous leak...

Ventoy - A New Bootable USB Solution

Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHDx/EFI files. With ventoy, you don't need to format the disk over and over, you just need to copy the image files to the USB drive and boot it. You can copy many image files at a time and ventoy will give you a boot menu...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by vulnerabilities in libxml2

Summary BM Bootable Media Creator BoMC has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2020-7595 DESCRIPTION: The Gnome Project Libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in parser.c. An attacker could exploit this...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by vulnerabilities in libexpat

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-20843 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by an error in the XML parser. By persuading a victim to open a specially-crafted file, a remote...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by vulnerabilities in the kernel

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2015-2922 DESCRIPTION: Linux Kernel, built with the IPv6 networking supportCONFIGIPV6, is vulnerable to a denial of service, caused by the improper handling of Router...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by a vulnerability in GNU cpio (CVE-2019-14866)

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-14866 DESCRIPTION: GNU cpio could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to properly validate input files when...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by a vulnerability in cyrus-sasl (CVE-2019-19906)

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-19906 DESCRIPTION: cyrus-sasl is vulnerable to a denial of service, caused by an off-by-one error in sasladdstring in common.c. By sending a malformed LDAP packet, a remote...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by vulnerabilities in OpenSSL (CVE-2019-1547 and CVE-2019-1563)

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-1547 DESCRIPTION: OpenSSL could allow a local authenticated attacker to obtain sensitive information, caused by the ability to construct an EC group missing the cofactor usin...

Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by a vulnerability in cURL (CVE-2019-5482)

Summary IBM Bootable Media Creator BoMC has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-5482 DESCRIPTION: cURL libcurl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tftpreceivepacket function. By sending specially-crafted...

Oracle Linux 8 : grub2 (ELSA-2020-0335)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0335 advisory. 2.02-78.0.3.el81.1 - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS Orabug: 30643497 - set EFIDIR as redhat for additional grub2 tools Orabug: 298755...

RHEL 8 : grub2 (RHSA-2020:0335)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0335 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots...

Lenovo Bootable Generator Code Issue Vulnerability

Lenovo Bootable Generator is a tool from Lenovo China for creating Linux diagnostics on a bootable USB. A security vulnerability exists in Lenovo Bootable Generator. A local attacker could exploit the vulnerability to execute code on the system...

CVE-2019-6154

A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system...

CVE-2019-6154

A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system...

Path traversal

A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system...

CVE-2019-6154

A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar-2019, that could allow a malicious user with local access to execute code on the system...

CVE-2019-6154

CVE-2019-6154 describes a DLL search path vulnerability in Lenovo Bootable Generator (prior to Mar-2019) that could allow a local attacker to execute code. Affected software: Lenovo Bootable Generator (used to create Linux diagnostics on bootable USB). Root cause: DLL search path flaw. Impact: lo...