1165 matches found

CVE
added 2024/07/03 2:51 p.m. | 81 views

CVE-2024-6126

Consolidated details show CVE-2024-6126 affects the cockpit package across multiple Linux distributions. The issue arises when pam_env's user_readenv option is enabled, allowing an authenticated user to terminate any process, causing a DoS. Public advisories reference fixes in cockpit updates (e....

CVSS 3.2 | AI score 3.2 | EPSS 0.00266
Exploits 0 | References 3
Debian CVE
added 2024/07/03 2:51 p.m. | 7 views

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack...

CVSS 3.2 | AI score 4.4 | EPSS 0.00266
Exploits 0
RedhatCVE
added 2024/07/03 2:50 p.m. | 10 views

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack. Mitigation: Disable pam_env's user_readenv option in PAM config...

CVSS 3.2 | AI score 3.3 | EPSS 0.00266
Exploits 0 | References 3
SUSE CVE
added 2024/06/22 4:8 a.m. | 3 views

SUSE CVE-2022-48760

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb to return. It turns out the issue is not unlinking the URB; that works just fine...

CVSS 5.5 | AI score 6.5 | EPSS 0.00187
Exploits 0 | References 15
Github Security Blog
added 2024/06/05 4:56 p.m. | 40 views

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

Summary: An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details: The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...

CVSS 8.2 | AI score 8.3 | EPSS 0.00994
Exploits 1 | References 7 | Affected Software 2
Kitploit
added 2024/06/01 12:30 p.m. | 38 views

Reaper - Proof Of Concept On BYOVD Attack

Reaper is a proof-of-concept designed to exploit BYOVD (Bring Your Own Vulnerable Driver) driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions. Reaper was...

AI score 7.5
Exploits 0 | References 2
Tenable Nessus
added 2024/05/28 12:0 a.m. | 123 views

Oracle Linux 8 : openssh (ELSA-2024-3166)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3166 advisory. - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 Tenable has extracted the preceding description block directly from the Oracl...

CVSS 7.8 | AI score 7.3 | EPSS 0.12996
Exploits 6 | References 2
SUSE CVE
added 2024/05/25 2:58 a.m. | 1 views

SUSE CVE-2023-52704

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermodehelper_exec vs SIGKILL Tetsuo-San noted that commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" broke call_usermodehelper_exec for the KILLABLE case. Specifically it was missed that the...

CVSS 5.5 | AI score 6.5 | EPSS 0.00205
Exploits 0 | References 3
Oracle linux
added 2024/05/23 12:0 a.m. | 534 views

openssh security update

8.0p1-24.0.1 - Update upstream references Orabug: 36587718 8.0p1-24 - Providing a kill switch for scp to deal with CVE-2020-15778 Resolves: RHEL-22870 8.0p1-23 - Fix Terrapin attack Resolves: RHEL-19308 8.0p1-22 - Fix Terrapin attack Resolves: RHEL-19308 - Forbid shell metasymbols in...

CVSS 7.8 | AI score 6.9 | EPSS 0.12996
Exploits 6
OSV
added 2024/05/21 4:15 p.m. | 2 views

DEBIAN-CVE-2023-52704

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermodehelper_exec vs SIGKILL Tetsuo-San noted that commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" broke call_usermodehelper_exec for the KILLABLE case. Specifically it was missed that the...

CVSS 5.5 | AI score 5.4 | EPSS 0.00205
Exploits 0 | References 1
OSV
added 2024/05/21 4:15 p.m. | 4 views

UBUNTU-CVE-2023-52704

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermodehelper_exec vs SIGKILL Tetsuo-San noted that commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" broke call_usermodehelper_exec for the KILLABLE case. Specifically it was missed that the...

CVSS 5.5 | AI score 5.7 | EPSS 0.00205
Exploits 0 | References 5
SUSE CVE
added 2024/05/21 1:58 a.m. | 1 views

SUSE CVE-2024-36009

In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind. When the ax25 device is detaching, the dev_tracker of ax25_cb should be deallocated in ax25_kill_by_device instead of the dev_tracker of ax25_dev. The log...

CVSS 5.5 | AI score 6.4 | EPSS 0.00224
Exploits 0 | References 16
Tenable Nessus
added 2024/04/17 12:0 a.m. | 22 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 8 | AI score 7.1 | EPSS 0.01815
Exploits 1 | References 8
Talos Blog
added 2024/03/21 1:8 p.m. | 21 views

New details on TinyTurla’s post-compromise activity reveal full kill chain

Cisco Talos is providing an update on its two recent reports on a new and ongoing campaign where Turla, a Russian espionage group, deployed their TinyTurla-NG (TTNG) implant. We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures (TTPs)...

AI score 7.6
Exploits 0
OSV
added 2024/03/15 9:15 p.m. | 2 views

UBUNTU-CVE-2021-47119

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev; otherwise the buffer head and its page referenced by b_data will not be freed by kill_bdev, and subsequently that bh will be...

CVSS 5.5 | AI score 6.3 | EPSS 0.00252
Exploits 0 | References 19
Debian CVE
added 2024/03/15 8:14 p.m. | 18 views

CVE-2021-47128

In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a "security,lockdown,selinux: implement SELinux lockdown" added an implementation of the locked_down LSM hook to SELinux, with the aim to restric...

CVSS 5.5 | AI score 5.2 | EPSS 0.00176
Exploits 0
Positive Technologies
added 2024/03/15 12:0 a.m. | 3 views

PT-2024-29764

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue in the Linux kernel has been resolved by handling SIGKILL by flushing work and exiting. This is achieved by marking the worker as killed, setting the virtqueue to worker mappin...

CVSS 7.5 | AI score 5.4 | EPSS 0.00227
Exploits 0
Cvelist
added 2024/03/02 9:59 p.m. | 24 views

CVE-2023-52572 cifs: Fix UAF in cifs_demultiplex_thread()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

AI score 6.5 | EPSS 0.00227
Exploits 0 | References 6
OSV
added 2024/02/29 6:15 a.m. | 1 views

DEBIAN-CVE-2023-52475

In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermate_device...

CVSS 7.8 | AI score 5.6 | EPSS 0.00245
Exploits 0 | References 1
OSV
added 2024/02/29 6:15 a.m. | 1 views

UBUNTU-CVE-2023-52475

In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermate_device...

CVSS 7.8 | AI score 6.2 | EPSS 0.00245
Exploits 0 | References 3