9771 matches found
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that's designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. "The...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7383-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7383-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Ubuntu 22.04 LTS : Linux kernel (NVIDIA Tegra) vulnerabilities (USN-7389-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7389-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a...
Ubuntu 24.10 : Linux kernel (Low Latency) vulnerabilities (USN-7380-1)
"The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7380-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7388-1)
"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7388-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker cou...
USN-7387-1 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...
USN-7387-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...
USN-7383-2 linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...
USN-7384-1 linux-azure vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Attila Szász discovered that the HFS+ file system...
USN-7383-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...
USN-7382-1 linux-oem-6.11 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...
UBUNTU-CVE-2023-53009
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization...
USN-7380-1 linux-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...
USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...
CVE-2025-21880
Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...
CVE-2025-21880 drm/xe/userptr: fix EFAULT handling
In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix EFAULT handling Currently we treat EFAULT from hmmrangefault as a non-fatal error when called from xevmuserptrpin with the idea that we want to avoid killing the entire vm and chucking an error, under the...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: CVE-2024-44192: Fixed unexpected process crash due to processing maliciously crafted web content bsc1239863 CVE-2024-54467: Fixed data exilfration cross-origin due to a cookie management issue via a malicious website bsc1239864 Other fixes: ...
CVE-2025-0835
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory...
CVE-2025-0478
Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerne...
Enabling WPF Rendering for Citrix HDX on Multi-Session VDAs
Overview Windows Presentation Foundation WPF applications can leverage GPU acceleration in Citrix Virtual Apps and Desktops CVAD environments running Windows Multi-session OS. By enabling WPF rendering on the server’s GPU, this reduces CPU load and improves graphics performance for WPF...