kernel: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

A flaw was discovered in the Linux kernel's IPv6 implementation, specifically within the inet6rtmgetaddr function. The issue arises when user space provides a valid IFATARGETNETNSID value but omits the IFAADDRESS and IFALOCAL attributes. In such cases, the function returns an -EINVAL error while...

SUSE CVE-2024-36946

In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtmphonetnotify skb allocation fillroute stores three components in the skb: - struct rtmsg - RTADST u8 - RTAOIF u32 Therefore, rtmphonetnotify should use NLMSGALIGNsizeofstruct rtmsg + nlatotalsize1 + nlatotalsize4...

SUSE CVE-2024-27417

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6rtmgetaddr It seems that if userspace provides a correct IFATARGETNETNSID value but no IFAADDRESS and IFALOCAL attributes, inet6rtmgetaddr returns -EINVAL with an elevated "struct net...

UBUNTU-CVE-2024-27417

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6rtmgetaddr It seems that if userspace provides a correct IFATARGETNETNSID value but no IFAADDRESS and IFALOCAL attributes, inet6rtmgetaddr returns -EINVAL with an elevated "struct net...

CVE-2021-47213

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest...

RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts

The threat actors behind RTM Locker have developed a ransomware strain that's capable of targeting Linux machines, marking the group's first foray into the open source operating system. "Its locker ransomware infects Linux, NAS, and ESXi hosts and appears to be inspired by Babuk ransomware's leak...

RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts

The threat actors behind RTM Locker have developed a ransomware strain that's capable of targeting Linux machines, marking the group's first foray into the open source operating system. "Its locker ransomware infects Linux, NAS, and ESXi hosts and appears to be inspired by Babuk ransomware's leak...

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" RTM Locker that functions as a private ransomware-as-a-service RaaS provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses...

Release Information for Veeam Backup & Replication 12 Day 0 Update

Update Applicability This "Day 0" update for Veeam Backup & Replication 12 is strictly intended for servers using the RTM release build 12.0.0.14 02. If Veeam Backup & Replication 12 GA build 12.0.0.14 20 is installed, this update can be ignored as it is not needed. All resolved issues listed in...

Updated glibc packages fix security vulnerability

Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...

Dream Report ODS Remote Connector privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Version...

RTM Cybergang Adds New Quoter Ransomware to Crime Spree

The Russian-speaking group behind the infamous RTM banking trojan is now packing a trifecta of threats as it turns up the heat – part of a massive new money-grab campaign. Beyond the banking malware it is known for, attackers have enlisted a recently-discovered ransomware family called Quoter as...

Security Bulletin: Public disclosed vulnerability from Cacti affects IBM Spectrum LSF RTM and IBM Spectrum LSF Suite for HPA

Summary Public disclosed vulnerability from Cacti affects IBM Spectrum LSF RTM and IBM Spectrum LSF Suite for HPA. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Platform RTM| 10....

Security Bulletin: Public disclosed vulnerability from Cacti affects IBM Spectrum LSF RTM and IBM Spectrum LSF Suite for HPA

Summary Public disclosed vulnerability from Cacti affects IBM Spectrum LSF RTM and IBM Spectrum LSF Suite for HPA. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Spectrum LSF RTM|...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2019:3091-1)

This update for ucode-intel to version fixes the following issues : Updated to 20191115 official security release bsc1157004 and bsc1155988 Includes security fixes for : - CVE-2019-11135: Added feature allowing to disable TSX RTM bsc1139073 - CVE-2019-11139: A CPU microcode only fix for Voltage...

SUSE-SU-2019:3091-1 Security update for ucode-intel

This update for ucode-intel to version fixes the following issues: - Updated to 20191115 official security release bsc1157004 and bsc1155988 - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM bsc1139073 - CVE-2019-11139: A CPU microcode only fix for Voltage...

SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2986-1)

This update for ucode-intel fixes the following issues : Updated to 20191112 official security release bsc1155988 Includes security fixes for : - CVE-2019-11135: Added feature allowing to disable TSX RTM bsc1139073 - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues bsc114103...

SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2019:2987-1)

This update for ucode-intel fixes the following issues : Updated to 20191112 official security release bsc1155988 Includes security fixes for : - CVE-2019-11135: Added feature allowing to disable TSX RTM bsc1139073 - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues bsc114103...

SUSE-SU-2019:2988-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release bsc1155988 - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM bsc1139073 - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues bsc1141...