81 matches found
mdadm bug fix update
An update is available for mdadm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The mdadm packages contain a utility for creating, managing, and monitoring Lin...
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape b...
SUSE CVE-2022-47022
An issue was discovered in open-mpi hwloc 2.1.0 that allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 108 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 108.0.5359.71 Mac/linux and 108.0.5359.71/72 Windows contains a number of fixes and improvements -- a list of changes is...
Low: Red Hat Bug Fix Advisory: samba bug fix and enhancement update
An update for samba is now available for Red Hat Enterprise Linux 8. For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section...
Moderate: Red Hat Bug Fix Advisory: microcode_ctl bug fix and enhancement update
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. The microcode_ctl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: rhel-7.7.z HPEMC 7.9 REGRESSION Microcode_ctl microcode_ctl BZ1907920...
Moderate: Red Hat Enhancement Advisory: libpq bug fix and enhancement update
An update for libpq is now available for Red Hat Enterprise Linux 8. For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section...
samba:fuzz_ndr_spoolss_TYPE_STRUCT: Heap-buffer-overflow in ndr_string_length
Project: https://gitlab.com/samba-team/samba.git Detailed Report: https://oss-fuzz.com/testcase?key=6250151639515136 Project: samba Fuzzing Engine: libFuzzer Fuzz Target: fuzz_ndr_spoolss_TYPE_STRUCT Job Type: libfuzzer_asan_samba Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address...
Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise
A critical Linux bug has been discovered that could allow attackers to fully compromise vulnerable machines. A fix has been proposed but has not yet been incorporated into the Linux kernel. The flaw CVE-2019-17666, which was classified as critical in severity, exists in the “rtlwifi” driver, whic...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Bug Fix Advisory: cloud-init bug fix and enhancement update
An update for cloud-init is now available for Red Hat Enterprise Linux 8. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Users o...
envoy/h1_capture_fuzz_test: NULL
Project: https://github.com/envoyproxy/envoy.git Detailed report: https://oss-fuzz.com/testcase?key=6306973401219072 Project: envoy Fuzzer: libFuzzer_envoy_h1_capture_fuzz_test Fuzz target binary: h1_capture_fuzz_test Job Type: libfuzzer_ubsan_envoy Platform Id: linux Crash Type: UNKNOWN READ Crash Address...
Quantum storage devices may have a known Linux bug
Challenge: To identify if a known Linux bug is the cause for errors on a backup repository. Cause: You will see a job fail with "unable to mkdir /var/log/sudo-io : File exists"; this is caused by a bug in some versions of the sudo application. Solution: Some quantum storage device's operating system...
Low: Red Hat Bug Fix Advisory: libtirpc bug fix update
An update for libtirpc is now available for Red Hat Enterprise Linux 7. The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call (TI-RPC) documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. For detailed...
On Backdoors in Sony's IP Cameras, a Linux Bug, and More
Mike Mimoso and Chris Brook discuss the news of the week, including the latest Linux bug, Sony closing backdoors in cameras, and Google’s new open source fuzzer. Show notes: Sony Closes Backdoors in IP-Enabled Cameras; Old Linux Kernel Code Execution Bug Patched; Google Debuts Continuous Fuzzer for...
On the Dangers of Skyping and Typing, Fingerprint Warrants, and More
Mike Mimoso and Chris Brook briefly talk about the Dyn DDoS attack and the Linux bug Dirty Cow before discussing the dangers of Skyping and typing, the fingerprint warrant story, hiding credit card numbers in images, and more. Show notes: Dyn Confirms DDoS Attack Affecting Twitter, Github, Many...
Moderate: Red Hat Bug Fix Advisory: systemd bug fix and enhancement update
Updated systemd packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelization...
Low: Red Hat Bug Fix Advisory: openldap bug fix and enhancement update
Updated openldap packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6. OpenLDAP is an open-source suite of Lightweight Directory Access Protocol (LDAP) applications and development tools. LDAP is a set of protocols used to access and maintain...
Moderate: Red Hat Bug Fix Advisory: cups bug fix and enhancement update
Updated cups packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 7. CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. This update fixes the following bugs: When using the cupsEnumDests API call, the libcups...
CenterIM <= 4.22.3 Remote Command Execution Vulnerability
Exploit for linux platform in category remote exploits. CenterIM <= 4.22.3 Remote Command Execution Vulnerability. Application: CenterIM http://www.centerim.org/index.php/MainPage...