Lucene search
K

9771 matches found

The Hacker News
The Hacker News
added 2025/03/28 11:57 a.m.27 views

CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection

Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that's designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. "The...

7.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.23 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7383-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7383-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

7.8CVSS6.9AI score0.00875EPSS
Exploits2References108
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.21 views

Ubuntu 22.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-7389-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7389-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...

8.1CVSS8AI score0.03558EPSS
Exploits5References356
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.21 views

Ubuntu 24.10 : Linux kernel (Low Latency) vulnerabilities (USN-7380-1)

"The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7380-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...

8.1CVSS7.1AI score0.00737EPSS
Exploits3References306
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.26 views

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7388-1)

"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7388-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker cou...

8.1CVSS8AI score0.03558EPSS
Exploits4References355
OSV
OSV
added 2025/03/27 9:47 p.m.14 views

USN-7387-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

8.1CVSS6.5AI score0.03558EPSS
Exploits3References252
Ubuntu
Ubuntu
added 2025/03/27 9:47 p.m.112 views

USN-7387-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

8.1CVSS7.5AI score0.03558EPSS
Exploits3
OSV
OSV
added 2025/03/27 8:8 p.m.15 views

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

7.8CVSS6.7AI score0.00875EPSS
Exploits2References109
OSV
OSV
added 2025/03/27 7:11 p.m.10 views

USN-7384-1 linux-azure vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Attila Szász discovered that the HFS+ file system...

9.1CVSS7.3AI score0.03301EPSS
Exploits3References319
OSV
OSV
added 2025/03/27 6:40 p.m.7 views

USN-7383-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

7.8CVSS6.8AI score0.00875EPSS
Exploits2References109
OSV
OSV
added 2025/03/27 5:21 p.m.14 views

USN-7382-1 linux-oem-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.5AI score0.00737EPSS
Exploits2References308
OSV
OSV
added 2025/03/27 5:15 p.m.3 views

UBUNTU-CVE-2023-53009

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References5
OSV
OSV
added 2025/03/27 4:48 p.m.15 views

USN-7380-1 linux-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.4AI score0.00737EPSS
Exploits3References308
OSV
OSV
added 2025/03/27 4:18 p.m.27 views

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

8.1CVSS6.4AI score0.00737EPSS
Exploits2References309
CVE
CVE
added 2025/03/27 2:57 p.m.86 views

CVE-2025-21880

Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...

5.5CVSS7AI score0.00187EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/03/27 2:57 p.m.6 views

CVE-2025-21880 drm/xe/userptr: fix EFAULT handling

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmmrangefault as a non-fatal error when called from xevmuserptrpin with the idea that we want to avoid killing the entire vm and chucking an error, under the...

5.5CVSS6AI score0.00187EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/03/26 3:44 p.m.3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...

7.1CVSS8.1AI score0.0424EPSS
Exploits4References12
RedhatCVE
RedhatCVE
added 2025/03/26 12:19 p.m.8 views

CVE-2025-0835

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/26 12:18 p.m.5 views

CVE-2025-0478

Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...

7.8CVSS6.9AI score0.00137EPSS
Exploits0References1
Citrix
Citrix
added 2025/03/25 12:0 a.m.22 views

Enabling WPF Rendering for Citrix HDX on Multi-Session VDAs

Overview Windows Presentation Foundation WPF applications can leverage GPU acceleration in Citrix Virtual Apps and Desktops CVAD environments running Windows Multi-session OS. By enabling WPF rendering on the server’s GPU, this reduces CPU load and improves graphics performance for WPF...

7AI score
Exploits0
Rows per page
Query Builder