Yakir Sitbon, Ariel Klikstein Security Vulnerabilities

linux-gcp vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (GCP) vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...

Unbreakable Enterprise kernel security update

[5.15.0-100.96.32] - crypto: Report fips module name and version for aarch64 (Saeed Mirzamohammadi) [Orabug: 35225251] - uek-rpm: Enable RFC7919 config for aarch64 (Saeed Mirzamohammadi) [Orabug: 35225251] [5.15.0-100.96.31] - uek-rpm: Update linux-firmware dependency (Somasundaram...

linux-azure vulnerabilities

Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been removed from this USN and the correct information for it has been published in USN 6007-1. Original advisory...

Linux kernel vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems Details Updated on 2023-04-11: Please note that when USN 5975-1 was originally published, it incorrectly included the linux-gcp kernel for Ubuntu 16.04 ESM. References to that kernel have been...

linux-azure, linux-azure, linux-azure vulnerabilities

It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly...

Linux kernel (Azure) vulnerabilities

Releases Ubuntu 14.04 ESM Packages linux-azure - Linux kernel for Microsoft Azure Cloud systems Details It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a...

linux-hwe vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378) It was discovered that an out-of-bounds write vulnerability...

Linux kernel (HWE) vulnerabilities

Releases Ubuntu 16.04 ESM Packages linux-hwe - Linux hardware enablement (HWE) kernel Details Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute...

linux-azure-4.15 vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Pawan Kumar Gupta, Alyssa...

linux-snapdragon vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Pawan Kumar Gupta, Alyssa...

Linux kernel (Azure) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems Details It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial...

linux, linux-aws, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Pawan Kumar Gupta, Alyssa...

linux-dell300x vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Tamás Koczka discovered that....

Linux kernel (Qualcomm Snapdragon) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors Details It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a...

Linux kernel vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems linux-kvm - Linux kernel for cloud environments linux-oracle - Linux kernel for Oracle Cloud systems...

Linux kernel (Dell300x) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-dell300x - Linux kernel for Dell 300x platforms Details It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of...

Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data

Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personal identifiable information (PII), new findings from Mitiga, a cloud incident response company, show. "Leaking PII in this manner provides a potential treasure trove for threat actors – either during the...

Multiple High-Severity Flaws Affect Widely Used OpenLiteSpeed Web Server Software

Multiple high-severity flaws have been uncovered in the open source OpenLiteSpeed Web Server as well as its enterprise variant that could be weaponized to achieve remote code execution. "By chaining and exploiting the vulnerabilities, adversaries could compromise the web server and gain fully...

linux-azure-fde vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux.....

linux-intel-iotg vulnerabilities

Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code....

Linux kernel (Azure CVM) vulnerabilities

Releases Ubuntu 20.04 LTS Packages linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems Details It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel...

Linux kernel (Intel IoTG) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms Details Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker...

linux-ibm vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Selim....

linux-aws-5.4 vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux.....

Linux kernel (AWS) vulnerabilities

Releases Ubuntu 18.04 ESM Packages linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems Details It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel...

Linux kernel (IBM) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-ibm - Linux kernel for IBM cloud systems Details It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause...

linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux.....

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems linux-oracle-5.4 - Linux kernel for Oracle Cloud systems linux-raspi - Linux kernel for Raspberry Pi systems linux-raspi-5.4 - Linux kernel for Raspberry Pi systems Details It...

linux, linux-aws, linux-bluefield, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux.....

linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-raspi vulnerabilities

Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code....

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.15 - Linux...

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-bluefield - Linux kernel for NVIDIA BlueField platforms linux-gke - Linux kernel for Google Container Engine (GKE) systems linux-gkeop - Linux kernel for...

Vulnerable children's identities used in tax fraud scheme

Fraudster Ariel "Melo" Jimenez has been sentenced to 12 years in prison for leading a "tax fraud and identity theft conspiracy" that resulted in the fraudulent claiming of tax credits, earning him millions of dollars. "Ariel Jimenez was the leader of a long-running fraudulent tax business that...

Intel® Processors Post Invalidation RSB Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26373 Description: Non-transparent sharing of return predictor targets...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.308.7.el7 uek-rpm: Update OL7/8 Secureboot certificate and shim versions (Sherry Yang) [Orabug: 34248329] [5.4.17-2136.308.6] mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL (Mike Rapoport) x86/cpu:...

Unbreakable Enterprise kernel security update

[5.4.17-2136.308.7] - uek-rpm: Update OL7/8 Secureboot certificate and shim versions (Sherry Yang) [Orabug: 34248329] [5.4.17-2136.308.6] - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) - arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL (Mike Rapoport) -...

Multiple RTOS (Update E)

EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendors: Multiple Equipment: Multiple Vulnerabilities: Integer Overflow or Wraparound CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.305.5.3] - bpf: fix out-of-tree module build (Alan Maguire) [Orabug: 33973548] - ACPICA: Enable sleep button on ACPI legacy wake (Anchal Agarwal) [Orabug: 33973543] - Revert 'btrfs: inode: refactor the parameters of insert_reserved_file_extent()' (Srikanth C S) [Orabug:...

Unbreakable Enterprise kernel security update

[5.4.17-2136.305.5.3] - bpf: fix out-of-tree module build (Alan Maguire) [Orabug: 33973548] - ACPICA: Enable sleep button on ACPI legacy wake (Anchal Agarwal) [Orabug: 33973543] - Revert 'btrfs: inode: refactor the parameters of insert_reserved_file_extent()' (Srikanth C S) [Orabug:...

Akamai + Guardicore: End-to-End Zero Trust

Ransomware attacks increased by over 150% in 2020. As criminals find new ways to attack networks and systems, protect work-from-home employees with...

Lazarus Attackers Turn to the IT Supply Chain

Lazarus – a North Korean advanced persistent threat (APT) group – is working on launching cyberespionage-focused attacks on supply chains with its multi-platform MATA framework. The MATA malware framework can target three operating systems: Windows, Linux and macOS. MATA has historically been used....

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in the public...

Unbreakable Enterprise kernel security update

[5.4.17-2102.204.4.2] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150447] [5.4.17-2102.204.4.1] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177348] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150427] ...

Unbreakable Enterprise kernel-container security update

[5.4.17-2102.204.4.2] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150447] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177348] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150427] - arm64: mm: kdump:...

NukeSped Copies Fileless Code From Bundlore, Leaves It Unused

While investigating samples of NukeSped, a remote access trojan (RAT), Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in...

Unbreakable Enterprise kernel security update

[5.4.17-2102.202.5] - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907967] {CVE-2021-23133} {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the...

Unbreakable Enterprise kernel-container security update

[5.4.17-2102.202.5] - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907967] {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols...

HackerOne: HackerOne making payments in USDC (Coinbase stable coin)

Summary: Hello Everyone, My name is Ariel and I’m a manager in HackerOne’s community team. As a part of a Hack Week project, HackerOne is now supporting payments via USDC, Coinbase’s stable coin. This has been a feature requested by many hackers, that we are now glad to announce as supported. More....

Windows Container Malware Targets Kubernetes

Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster.....