
5460 matches found

SUSE CVE
added 2023/02/15 3:48 a.m. | 4 views

SUSE CVE-2021-3979

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.00436
Exploits: 0 | References: 10

SUSE CVE
added 2023/02/15 3:48 a.m. | 3 views

SUSE CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit...

CVSS: 8.8 | AI score: 7 | EPSS: 0.00419
Exploits: 1 | References: 3

SUSE CVE
added 2023/02/15 3:44 a.m. | 3 views

SUSE CVE-2021-26342

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for...

CVSS: 4.4 | AI score: 5 | EPSS: 0.00214
Exploits: 0 | References: 7

SUSE CVE
added 2023/02/15 3:41 a.m. | 3 views

SUSE CVE-2021-31615

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00402
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 3:38 a.m. | 2 views

SUSE CVE-2021-38084

An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session...

CVSS: 8.1 | AI score: 8 | EPSS: 0.01358
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 3:37 a.m. | 4 views

SUSE CVE-2021-43332

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack...

CVSS: 7.4 | AI score: 6.9 | EPSS: 0.01072
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 3:35 a.m. | 3 views

SUSE CVE-2021-46744

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

CVSS: 6.2 | AI score: 5.8 | EPSS: 0.00325
Exploits: 0 | References: 19

SUSE CVE
added 2023/02/15 3:35 a.m. | 2 views

SUSE CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV)...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00288
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 3:33 a.m. | 2 views

SUSE CVE-2022-1520

When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status. After opening and viewing the attached message B, when returning to the display of message A, the message A...

CVSS: 4.3 | AI score: 8.9 | EPSS: 0.00266
Exploits: 0 | References: 4

Ubuntu
added 2023/02/13 10:41 a.m. | 66 views

USN-5866-1: Nova vulnerabilities

It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2015-9543) It was discovered that...

CVSS: 8.3 | AI score: 7 | EPSS: 0.27459
Exploits: 4

Malwarebytes
added 2023/02/13 8:45 a.m. | 14 views

A week in security (February 6 - 12)

Last week on Malwarebytes Labs: Two year old vulnerability used in ransomware attack against VMware ESXi; On the 20th Safer Internet Day, what was security like back in 2004?; Florida hospital takes entire IT systems offline after 'ransomware attack'; Introducing Malwarebytes Mobile Security for...

AI score: 0.9
Exploits: 0

Prion
added 2023/02/13 2:21 a.m. | 10 views

Input validation

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted...

CVSS: 5 | AI score: 7.4 | EPSS: 0.00536
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2023/02/13 12:0 a.m. | 56 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Nova vulnerabilities (USN-5866-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5866-1 advisory. It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's...

CVSS: 8.3 | AI score: 7 | EPSS: 0.27459
Exploits: 4 | References: 6

BDU FSTEC
added 2023/02/13 12:0 a.m. | 6 views

The vulnerability of the Telnet service of the TOTOLINK N200RE V5 router’s microprogramming system allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Telnet service provided by the TOTOLINK N200RE V5 microprogramming router lies in the use of strictly encrypted login credentials, with the SESSIONID file stored in a cookie. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected...

CVSS: 8.3 | AI score: 7.8 | EPSS: 0.00937
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2023/02/10 12:0 a.m. | 2 views

GnuTLS security vulnerability

GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols. GnuTLS suffers from a security vulnerability that originates from the ability to recover keys encrypted with RSA ciphertext over a network. An attacker exploiting this vulnerability could decrypt...

CVSS: 7.4 | AI score: 7 | EPSS: 0.01403
Exploits: 1 | References: 38

Malwarebytes
added 2023/02/08 5:0 a.m. | 13 views

Encrypted messaging service eavesdropped on by police, users arrested

After eavesdropping on yet another encrypted messaging service for five months, law enforcement agencies decided to shut down the service that was popular among members of organized crime groups. The service called Exclu claims to use the "most secure encryption protocols", as well as end-to-end...

AI score: 6.7
Exploits: 0

The Hacker News
added 2023/02/07 5:35 p.m. | 2 views

Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

A joint law enforcement operation conducted by Germany, the Netherlands, and Poland has cracked yet another encrypted messaging application named Exclu used by organized crime groups. Eurojust, in a press statement, said the February 3 exercise resulted in the arrests of 45 individuals across...

AI score: 6.8
Exploits: 0

The Hacker News
added 2023/02/07 5:35 p.m. | 42 views

Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

A joint law enforcement operation conducted by Germany, the Netherlands, and Poland has cracked yet another encrypted messaging application named Exclu used by organized crime groups. Eurojust, in a press statement, said the February 3 exercise resulted in the arrests of 45 individuals across...

AI score: 1.5
Exploits: 0

Broadcom
added 2023/02/07 12:0 a.m. | 5 views

Brocade Product Security Incident Response Team Contact Information

Brocade Communications Systems Brocade is committed to resolving vulnerabilities to meet the needs of its customers and the broader technology community. Brocade Product Security Incident Response Team Brocade PSIRT is a global team that manages the receipt, investigation and internal coordinatio...

AI score: 6.5
Exploits: 0

BDU FSTEC
added 2023/02/06 12:0 a.m. | 6 views

The vulnerability of D-Link DAP-2020 and DAP-1360 wireless access points, due to the use of rigidly encrypted login credentials, allows attackers to circumvent security restrictions.

The vulnerability of D-Link DAP-2020 and DAP-1360 wireless access points lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.00916
Exploits: 0 | References: 3 | Affected Software: 2