[SECURITY] Fedora 39 Update: radare2-5.9.4-1.fc39

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

BIT-VALKEY-2021-32672 Vulnerability in Lua Debugger in Redis

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...

BIT-KEYDB-2021-32672 Vulnerability in Lua Debugger in Redis

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...

USN-6979-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6979-1)

"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6979-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6951-4)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-3)

"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

USN-6951-2 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

CVE-2024-25562

Improper buffer restrictions in some IntelR Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-2)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

Adobe Acrobat Reader AV3DVirtAnnot Object Format Event Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2024-2009 Adobe Acrobat Reader AV3DVirtAnnot Object Format Event Use-After-Free Vulnerability August 13, 2024 CVE Number CVE-2024-41830 SUMMARY A use-after-free vulnerability exists in the AV3DVirtAnnot functionality of Adobe Acrobat Reader 2024.002.20759. A...

PT-2024-8899 · Intel · Intel Distribution For Gdb

Name of the Vulnerable Software and Affected Versions: IntelR Distribution for GDB versions prior to 2024.0.1 Description: The issue is related to incorrect default permissions in the IntelR Distribution for GDB software. This may allow an authenticated user to potentially enable escalation of...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6953-1)

"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6953-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-6951-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6951-1)

"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Important: python-werkzeug

Issue Overview: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain...

Amazon Linux 2023 : python3-werkzeug (ALAS2023-2024-662)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-662 advisory. Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This...

How to Enable Special Pool Tagging for a Driver

If the stack of a process is overrun by another process, analysis of the dump is not possible because the crash occurs when the original process writes to the kernel space which is already occupied by the other, misbehaving component. Enabling Special Pool Tagging causes the driver to crash as so...

UBUNTU-CVE-2024-39480

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...

CBL Mariner 2.0 Security Update: python-werkzeug (CVE-2024-34069)

The version of python-werkzeug installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34069 advisory. - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of...