CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-26675

CVE-2024-26675 (Linux kernel) affects the ppp_async path. The issue arises from MRU (Maximum Receive Unit) limits not being enforced for PPP async messages, which can trigger a warning in __alloc_pages via a memory/page allocation path when handling large skb allocations during PPP input. The des...

CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...

willem-de-kooning.com Cross Site Scripting vulnerability OBB-3435520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DNS Reverse Lookup Shellshock Exploit

DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability. DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary...

DNS Reverse Lookup Shellshock

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary: Above CVEs detail a number ...

CVE-2011-1416

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

CVE-2011-1416

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

Stable and Beta Channel Updates

The Chrome Stable and Beta channels have been updated to 10.0.648.133 for Windows, Mac, Linux and Chrome Frame. This release fixes the following security issue: Security fixes and rewards: Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private unt...