Flaw in Popular Transmission BitTorrent Client Lets Hackers Control Your PC Remotely

A critical vulnerability has been discovered in the widely used Transmission BitTorrent app that could allow hackers to remotely execute malicious code on BitTorrent users' computers and take control of them. The vulnerability has been uncovered by Google's Project Zero vulnerability reporting...

FreeBSD : transmission-daemon -- vulnerable to dns rebinding attacks (3e5b8bd3-0c32-452f-a60e-beab7b762351)

Google Project Zero reports : The transmission bittorrent client uses a client/server architecture, the user interface is the client which communicates to the worker daemon using JSON RPC requests. As with all HTTP RPC schemes like this, any website can send requests to the daemon listening on...

Oracle Linux 7 : qemu-kvm (ELSA-2018-0023)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-0023 advisory. - Fix CVE-2017-5715 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

RHEL 7 : Virtualization (RHSA-2018:0048) (Spectre)

An update for vdsm is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 7 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:0046) (Meltdown) (Spectre)

An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 6 and RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 7 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

Meltdown and Spectre

Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers. We are investigating these issues and although we have not observed exploitation of these vulnerabilities in the wild, that does not mean that it has not occurred. We...

RHEL 7 : linux-firmware (RHSA-2018:0053) (Spectre)

An update for linux-firmware is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a securi...

(RHSA-2018:0060) Important: qemu-kvm-rhev security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fixes: An industry-wide issue was...

(RHSA-2018:0058) Important: qemu-kvm-rhev security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fixes: An industry-wide issue was...

(RHSA-2018:0057) Important: qemu-kvm-rhev security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fixes: An industry-wide issue was...

(RHSA-2018:0055) Important: qemu-kvm-rhev security and bug fix update

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fixes: An industry-wide issue was...

(RHSA-2018:0054) Important: qemu-kvm-rhev security and bug fix update

KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fixes: An industry-wide issue was...

(RHSA-2018:0053) Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance...

(RHSA-2018:0051) Important: rhevm-setup-plugins security, bug fix, and enhancement update

The rhevm-setup-plugins package adds functionality exclusive only to Red Hat Virtualization Manager, and is not available for the upstream ovirt-engine. It includes the configuration of the Red Hat Support plugin, copying downstream-only artifacts to the ISO domain, and links to the knowledgebase...

(RHSA-2018:0050) Important: vdsm security update

The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Security Fixes: An industry-wide...

(RHSA-2018:0049) Important: ovirt-guest-agent-docker security and bug fix update

The ovirt-guest-agent-docker package provides the guest agent for Red Hat Linux Atomic Host virtual machines. The guest agent allows the Red Hat Virtualization Manager to receive internal guest events and retrieve information such as the IP address and the list of installed applications from the...

(RHSA-2018:0047) Important: redhat-virtualization-host security update

The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts RHVH are installed using a special build of Red Hat Enterprise Linux with only the packages required to host...

(RHSA-2018:0046) Important: rhev-hypervisor7 security update

The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine KVM hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Re...

(RHSA-2018:0045) Important: rhvm-appliance security update

The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have...

(RHSA-2018:0044) Important: redhat-virtualization-host security update

The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts RHVH are installed using a special build of Red Hat Enterprise Linux with only the packages required to host...