CVE-2022-50820

In the Linux kernel, the following vulnerability has been resolved: perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit dmc620pmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path. Simil...

CVE-2022-50820

In the Linux kernel, the following vulnerability has been resolved: perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit dmc620pmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path. Simil...

SUSE CVE-2022-50632

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvellcn10k: Fix hotplug callback leak in tadpmuinit tadpmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path...

DEBIAN-CVE-2022-50632

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: marvellcn10k: Fix hotplug callback leak in tadpmuinit tadpmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path...

PT-2025-49612

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to hotplug callback handling within the marvell cn10k driver. Specifically, the tad pmu init function does not remove a callback added by cpuhp...

CVE-2022-50510

CVE-2022-50510 affects the Linux kernel’s perf/smmuv3 component. The issue is a hotplug callback leak in arm_smmu_pmu_init(): when platform_driver_register() fails, the callback added by cpuhp_setup_state_multi() is not removed, potentially leaking a hotplug callback. The fix removes the callback...

DEBIAN-CVE-2022-50319

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhpstateaddinstance and cpuhpstateremoveinstance should be used in pairs. Or there will lead to the warn on cpuhpremovemultistate since the cpuhpstep list is...

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control ADC and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S...

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Today, CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC published an updated version of the StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initia...

Compromise of U.S. Water Treatment Facility

Summary On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition SCADA system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also...

CIS Releases Newsletter on Cleaning Up Data and Devices

The Center for Internet Security CIS July Newsletter reminds users to properly dispose of old or unused data and devices. Without careful management of online accounts, cloud storage, physical storage, and electronic devices, users could inadvertently disclose sensitive information that can be...

Oracle Releases Security Alert

Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Oracle Security Alert and the Multi-State...

Florida Man Arrested in SIM Swap Conspiracy

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County...

CIS Releases 2017 Year in Review

The Center for Internet Security CIS has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center MS-ISAC, an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial...

Nine strokes breakthrough IDS-vulnerability warning-the black bar safety net

Intrusion detectionsystem, The English abbreviation for the IDS, as the name implies, it is used in real time to detect attacks and report the attack. If the firewall than for guarding the network the door the doorman, then theintrusion detectionsystem IDS is proactively looking for criminals in...