9 matches found
UBUNTU-CVE-2026-23554
The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and...
LAPRAD: LLM-Assisted PRotocol Attack Discovery
With the goal of improving the security of Internet protocols, we seek faster, semi-automatic methods to discover new vulnerabilities in protocols such as DNS, BGP, and others. To this end, we introduce the LLM-Assisted Protocol Attack Discovery LAPRAD methodology, enabling security researchers...
CVE-2024-40918
In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...
CVE-2024-40918 parisc: Try to fix random segmentation faults in package builds
In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...
GSD-2022-1002093 dax: make sure inodes are flushed before destroy cache
dax: make sure inodes are flushed before destroy cache This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.110 by commit...
Inside the Response to the New York Times Attack
Late Tuesday morning, one of the engineers in CloudFlare’s San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have...
Fedora 16 : xen-4.1.3-1.fc16 (2012-11785)
update to 4.1.3 - fixes untrusted HVM guest can cause the dom0 to hang or crash XSA-11, CVE-2012-3433 843582 remove some unnecessary cache flushing that slow things down 841330 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
kernel security and bug fix update
2.6.18-164.11.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina yang orabug...
Lots and lots of fun with rpc.statd
Last week was a little quiet, so I thought I'd throw some kindling on the fire. Here's another prime example of a format string bug: our old friend rpc.statd. Attached is an exploit. The offsets are for Linux/PowerPC, Debian 2.2. It isn't functional, though - and it's more than just kiddy-proofed...