
1130 matches found

0day.today
added 2019/03/19 12:0 a.m., 19 views

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons Exploit

When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ and arithmetic comparisons LT, LE, GE, GT. Bitwise comparisons...

7.1 AI score
Exploits: 0
Exploit DB
added 2019/03/19 12:0 a.m., 73 views

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons

When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ and arithmetic comparisons LT, LE, GE, GT. Bitwise comparisons...

7.4 AI score
Exploits: 0
Packet Storm
added 2019/03/18 12:0 a.m., 30 views

libseccomp Incorrect Compilation Of Arithmetic Comparisons

libseccomp: incorrect compilation of arithmetic comparisons When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ an...

0.3 AI score
Exploits: 0
BDU FSTEC
added 2019/03/12 12:0 a.m., 16 views

The vulnerability of the component for implementing remote access to the desktop based on the VNC protocol in the Astra Linux operating system, related to the incorrect use of flags during compilation, allows a hacker to trigger a service failure.

The vulnerability of the component for implementing remote access to the desktop based on the VNC protocol in the Astra Linux operating system is related to the incorrect use of flags during compilation. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

5.3 CVSS, 5.5 AI score
Exploits: 0, References: 1
Fedora
added 2019/03/02 1:49 a.m., 46 views

[SECURITY] Fedora 29 Update: distcc-3.2rc1-22.fc29

distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...

9.3 CVSS, 1.7 AI score, 0.80978 EPSS
Exploits: 9
Fedora
added 2019/03/02 1:21 a.m., 29 views

[SECURITY] Fedora 28 Update: distcc-3.2rc1-22.fc28

distcc is a program to distribute compilation of C or C++ code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often two or more times faster than a local compile...

9.3 CVSS, 1.7 AI score, 0.80978 EPSS
Exploits: 9
0day.today
added 2019/03/02 12:0 a.m., 19 views

tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads Exploit

tcpdump 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads Exploit Through fuzzing of network capture .pcap files, we have identified 16 crashes with unique stack traces in tcpdump. These crashes are caused by heap-based out-of-bounds memory reads, and can be reproduced with the latest tcpdump sourc...

7.4 AI score
Exploits: 0
RedHat Linux
added 2019/02/20 2:11 p.m., 3 views

jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative

A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or...

8.8 CVSS, 7 AI score, 0.81552 EPSS
Exploits: 9, References: 5
RedHat Linux
added 2019/02/20 2:11 p.m., 10 views

jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin

A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Re...

8.8 CVSS, 7 AI score, 0.86224 EPSS
Exploits: 9, References: 5
exploitpack
added 2019/02/20 12:0 a.m., 31 views

FaceTime - Texture Processing Memory Corruption

FaceTime - Texture Processing Memory Corruption There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime. It appears to be related to processing textures. thread 7, stop reason = EXC_BAD_ACCESS code=EXC_I386_GPFLT frame 0: 0x00007fff56baaa92...

0.3 AI score
Exploits: 0
Zero Day Initiative
added 2019/02/12 12:0 a.m., 35 views

Microsoft Chakra JavaScript Loop Type Confusion Vulnerability

This vulnerability allows remote attackers to produce abnormal program execution on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5 CVSS, 1.7 AI score, 0.19784 EPSS
Exploits: 0, References: 1
Oracle linux
added 2019/01/25 12:0 a.m., 45 views

qemu security update

15:3.0.0-4.el7 - usb-mtp: use O_NOFOLLOW and O_CLOEXEC. Gerd Hoffmann Orabug: 29056673 CVE-2018-16872 - pvrdma: add uar_read routine Prasad J Pandit CVE-2018-20191 - pvrdma: release ring object in case of an error Prasad J Pandit Orabug: 29171822 CVE-2018-20126 - pvrdma: check number of pages when...

7.5 CVSS, 6.8 AI score, 0.03879 EPSS
Exploits: 0
Zero Day Initiative
added 2019/01/10 12:0 a.m., 28 views

Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on executables compiled using vulnerable installations of Microsoft Visual Studio. Attack vectors will vary depending on the nature of the executable in question. The specific flaw exists within the compilation of asm blocks in Visual...

8.1 CVSS, 4.9 AI score, 0.16113 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2019/01/02 12:0 a.m., 23 views

SUSE SLES12 Security Update : nodejs4, nodejs6 (SUSE-SU-2017:2168-1)

This update for nodejs4 and nodejs6 fixes the following issues: Security issues fixed: - CVE-2017-1000381: The c-ares function ares_parse_naptr_reply could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. bsc#1044946 ...

7.5 CVSS, 7.7 AI score, 0.05478 EPSS
Exploits: 1, References: 11
Tenable Nessus
added 2018/11/29 12:0 a.m., 254 views

SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2018:3920-1)

java-1_7_0-ibm is updated to Java 7.0 Service Refresh 10 Fix Pack 35 bsc#1116574 : Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM...

8.3 CVSS, 6.4 AI score, 0.07215 EPSS
Exploits: 2, References: 16
n0where
added 2018/11/12 3:29 p.m., 80 views

Digital Forensics Distro: CAINE

Caine (an acronym for "Computer Aided Investigative Environment") is an Ubuntu-based GNU/Linux live distribution oriented to computer forensics, historically conceived by Giancarlo Giustini, within a project of Digital Forensics Interdepartmental Research Center for Security...

2.7 AI score
Exploits: 0
NVD
added 2018/10/24 6:29 p.m., 38 views

CVE-2018-11804

Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts by default. A...

7.5 CVSS, 7.9 AI score, 0.05696 EPSS
Exploits: 0, References: 3
Cvelist
added 2018/10/24 12:0 a.m., 36 views

CVE-2018-11804

Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts by default. A...

7.5 AI score, 0.05696 EPSS
Exploits: 0, References: 3
Talos Blog
added 2018/10/11 6:6 a.m., 40 views

GPlayed Trojan - .Net playing with Google Market

This blog post is authored by Vitor Ventura. Introduction In a world where everything is always connected, and mobile devices are involved in individuals' day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Talos has identified...

7.4 AI score
Exploits: 0
Talos Blog
added 2018/10/09 11:4 a.m., 56 views

Vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator

Vulnerabilities discovered by Piotr Bania of Cisco Talos Talos is disclosing a pointer corruption vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator. Overview In order for the graphics to be produced, the graphics accelerators need to process the OpenGL scripts...

1 AI score, 0.00871 EPSS
Exploits: 0