Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

CVE-2026-43100

A flaw was found in the Linux kernel's bridge module. A local user can trigger a null pointer dereference by creating a bridge with specific configuration options. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS. Mitigation To mitigate this issue, prevent the...

CVE-2026-31752

A flaw was found in the Linux kernel's bridge module. A remote attacker could exploit this by sending a malformed Neighbor Discovery ND option. This could cause the brndsend function to improperly process option lengths, potentially leading to information disclosure or a denial of service DoS...

CVE-2026-31752

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

EUVD-2025-201647

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

EUVD-2009-0478

Malware in sbrugna...

CVE-2024-40921

CVE-2024-40921 impacts the Linux kernel’s networking stack, specifically the bridge/mst path: the change fixes passing a vlan group pointer to br_mst_vlan_set_state by using the already obtained group rather than dereferencing it again. Root cause is a non-functional dereference path related to a...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference counting error in the fpga:bridge module...

CVE-2021-47223

The CVE-2021-47223 issue is a Linux kernel vulnerability in the bridge/net subsystem: a tunnel_dst null pointer dereference during VLAN tunnel egress caused by a lockless access pattern when deleting a VLAN tunnel. The patch fixes this by using READ/WRITE_ONCE for tunnel_id, applying RCUs for tun...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a leak in the drm/bridge module...

DEBIAN-CVE-2023-52578

In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC syzbot/KCSAN reported data-races in brhandleframefinish 1 This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEVSTATSINC to update dev-stats fields. Handles updates to...

Rockwell Automation ControlLogix Exposure of Sensitive Information to an Unauthorized Actor (CVE-2009-0474)

The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain internal web page information and internal information about the module via unspecified vectors. NOTE: this may overlap CVE-2002-1603. This plugin only works with...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4472)

This kernel update fixes the following security problems : - It was possible for local user to become root by exploiting a bug in the IA32 system call emulation. This affects x8664 platforms with kernel 2.4.x and 2.6.x before 2.6.22.7 only. CVE-2007-4573 - An information disclosure vulnerability ...

CVE-2009-0474

The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors. NOTE: this may overlap CVE-2002-1603...

Design/Logic Flaw

The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors. NOTE: this may overlap CVE-2002-1603...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Open redirect

Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2009-0473

Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

CVE-2009-0474

The CVE-2009-0474 entry affects the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module: its web interface can leak internal web page information and internal module information to remote attackers via unspecified vectors. This vulnerability is described across multiple sources...