openSUSE Security Update : the Linux Kernel (openSUSE-2020-1698)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724. - CVE-2020-24490: Fixed a heap buffer overflow when...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:1698-1 Rating: important References: 1065600 1065729 1155798 1165692 1168468 1171675 1171688 1174003 1174098 1175599 1175621 1175718 1175807 1176019 1176381 1176400 1176588 1176907 1176979 1177090...

CVE-2007-4849

JFFS2, as used on One Laptop Per Child OLPC build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during 1 inode creation or 2 ACL setting, which might allow local users to access restricted files or directories after a remount of a...

Illiterate Ethiopian kids hack Motorola Xoom

About five months ago, OLPC Project started a little experiment. They chose a village in Ethiopia where the literacy rate was nearly 0% and decided to drop off a bunch of Motorola Xooms there. The One Laptop Per Child project started as a way of delivering technology and resources to schools in...

Apple Snags former Mozilla Security Chief

Apple has hired former Microsoft and Mozilla security specialist Window Snyder to help secure its Mac ecosystem. Snyder, who last worked as Mozilla’s security chief, confirmed she is joining Apple as senior product manager for security. At Mozilla, Snyder introduced the concept of threat modeling...

Apple hires ex-OLPC security architect

Former director of security architecture at One Laptop per Child OLPC Ivan Krstic has joined Apple to help thwart hacker attacks against the Mac operating system. Krstic, a well-respected innovator who designed the Bitfrost security specification for the OLPC initiative, joined Cupertino this wee...

CVE-2007-4849

JFFS2, as used on One Laptop Per Child OLPC build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during 1 inode creation or 2 ACL setting, which might allow local users to access restricted files or directories after a remount of a...

Design/Logic Flaw

JFFS2, as used on One Laptop Per Child OLPC build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during 1 inode creation or 2 ACL setting, which might allow local users to access restricted files or directories after a remount of a...

CVE-2007-4849

The CVE-2007-4849 entry concerns JFFS2 on OLPC build 542 (and possibly other Linux systems) when POSIX ACL support is enabled. It describes a flaw where permissions may not be stored correctly during inode creation or ACL setting, caused by an inconsistency between dentry permissions and inode pe...

CVE-2007-4849

JFFS2, as used on One Laptop Per Child OLPC build 542 and possibly other Linux systems, when POSIX ACL support is enabled, does not properly store permissions during 1 inode creation or 2 ACL setting, which might allow local users to access restricted files or directories after a remount of a...