MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-3011:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3011:01 advisory. QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c CVE-2021-3930 QEMU: net: e1000: infinite loop while processing transmit descriptors...

Microsoft hopes Windows PCs protection with Pluton security chip

By Deeba Ahmed The new Pluton security processor will amplify chip security and prevent hardware flaws like Spectre and Meltdown to steal data from processors. This is a post from HackRead.com Read the original post: Microsoft hopes Windows PCs protection with Pluton security chip...

Meltdown/Spectre: Intel Nixes Patches, Tech CEOs Questioned on Information Blackout

IT departments and tech vendors continued grappling with Spectre and Meltdown this week, as Intel pulled its glitchy patches and the U.S. Congress questioned the vulnerability disclosures' timing and scope. Spectre and Meltdown aren't typical vulnerabilities for a number of reasons, and as a...

Meltdown and Spectre Aren’t Business as Usual

The new year brought a new vulnerability type — the CPU-based Meltdown and Spectre bugs — that’s forcing vendors and IT departments to modify long-standing ways of identifying threats, prioritizing remediation, managing patches and evaluating risk. “Meltdown and Spectre are different...

[SECURITY] [DLA 602-1] gnupg security and hardening update

Package : gnupg Version : 1.4.12-7+deb7u8 CVE ID : CVE-2016-6313 Debian Bug : 834893 CVE-2016-6313 Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPGs random number generator. An attacker who obtains 4640 bits from the...