perf: Revert to requiring CAP_SYS_ADMIN for uprobes

...

AMD uProf Connection Point Vulnerability

AMD uProf is a suite of performance analysis tools from AMD for analyzing the performance of x86 architecture applications on Windows, Linux and FreeBSD systems. AMD uProf suffers from a connection point vulnerability that can be exploited by attackers to cause arbitrary file deletion or disclosu...

bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog

...

iperf3: possible denial of service

A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a crash caused by stopping a filter in single-scope mode in the perf/x86/intel/pt module...

Database Integrity Vulnerabilities in Boeing’s Onboard Performance Tool

This post is released in a co-ordinated manner with Boeing. TL;DR: Security gaps in older, unprotected Windows desktop versions of Boeing’s Onboard Performance Tool OPT could make certain Electronic Flight Bags EFB more susceptible to attack. In particular, OPT’s use of plain text configuration...

Open STA Manager Arbitrary File Download Vulnerability

Open STA Manager is a free, open source web performance testing tool. An arbitrary file download vulnerability exists in Open STA Manager version 2.3, which can be exploited by an attacker to download arbitrary files...