19 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request ...
SUSE CVE-2024-50031
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...
AZL-51351 CVE-2024-50031 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...
DEBIAN-CVE-2024-50031
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...
AZL-51551 CVE-2024-50031 affecting package kernel for versions less than 6.6.57.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...
UBUNTU-CVE-2024-50031
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also monitored by the broader cybersecurity...
Actors, Threats and Vulnerabilities 27 March to 2 April 2023
For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of Nine attacks that were executed...
Chinese Cyber Espionage Targets Middle Eastern Telecoms
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Chinese cyber espionage actors, Gallium and APT41, linked to Operation Soft Cell campaign, are targeting Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow...
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
Vulnerabilities & Threats that Matter 13 June – 19 June 2022
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 798 53 1 109 4 13 For a detailed threat digest, download the pdf file here Summary The first week of June 2022 witnessed the discovery of 798 vulnerabilities out of which ...
GALLIUM targets Telecommunications sector using new PingPull tool
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary A new, difficult-to-detect remote access trojan known as PingPull has been discovered and is used by GALLIUM also known as Softcell, an APT group. They have expanded by targeting telecommunications, finance and...
Chinese 'Gallium' Hackers Using New PingPull Malware in Cyberespionage Attacks
A Chinese advanced persistent threat APT known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa. Called PingPull, the "difficult-to-detect" backdoor is notable for its use...
Chinese Hackers Target Major Southeast Asian Telecom Companies
Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. "The goal of the attackers behind these...
CVE-2017-6209
Stack-based buffer overflow in the parseidentifier function in tgsitext.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and QEMU process crash via vectors related to parsing...
CVE-2017-6209
Stack-based buffer overflow in the parseidentifier function in tgsitext.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and QEMU process crash via vectors related to parsing...
CVE-2017-6209
CVE-2017-6209 affects virglrenderer (Gallium driver) before 0.6.0. The vulnerability is a stack-based buffer overflow in the parse_identifier function in tgsi_text.c within the TGSI auxiliary module, exploitable by local guest OS users to cause a denial of service via out-of-bounds access, potent...
CVE-2017-6209
Stack-based buffer overflow in the parseidentifier function in tgsitext.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and QEMU process crash via vectors related to parsing...