Assorted[chips] Security Vulnerabilities

Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from....

Exploit for Use After Free in Linux Linux Kernel

Detection-and-Mitigation-for-CVE-2022-1679 The ath9k is a...

IoT Secure Development Guide

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted so that a finished product is as...

Parmesan Anti-Forgery Protection

The Guardian is reporting about microchips in wheels of Parmesan cheese as an anti-forgery...

Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack

New research reveals the strategies hackers use to hide their malware distribution system, and companies are rushing to release mitigations for the “Downfall” processor vulnerability on Intel...

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption...

Recapping the top stories from Black Hat and DEF CON

Welcome to this week's edition of the Threat Source newsletter. I had a significant amount of FOMO last week seeing everyone out in Vegas. (I was happy to not get conference crud sickness, but it seems like I missed a great time otherwise.) But, as anyone who works with me could guess, I was...

The Threat Lurking in Data Centers – Hack Power Management Systems, Take All the Power

The Threat Lurking in Data Centers – Hack Power Management Systems, Take All the Power By Trellix · August 12, 2023 This story was also written by Jesse Chick, Philippe Laulheret and Sam Quinn. Summary In a modern working environment where many employees are working from home or in hybrid office...

The Threat Lurking in Data Centers – Hack Power Management Systems, Take All the Power

The Threat Lurking in Data Centers – Hack Power Management Systems, Take All the Power By Trellix · August 12, 2023 This story was also written by Jesse Chick, Philippe Laulheret and Sam Quinn. Summary In a modern working environment where many employees are working from home or in hybrid office...

CentOS Update for kernel CESA-2014:1143 centos5

The remote host is missing an update for...

SuSE Update for kernel SUSE-SA:2011:017

The remote host is missing an update for...

CentOS Update for glx-utils CESA-2013:0898 centos5

The remote host is missing an update for...

CentOS Update for glx-utils CESA-2013:0897 centos6

The remote host is missing an update for...

Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak...

linux-2.6 - several issues

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3875 Vasiliy Kulikov discovered an issue in the Linux implementation of the ...

linux-2.6 - several issues

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-2524 David Howells reported an issue in the Common Internet.....

The US Navy, NATO, and NASA Are Using a Shady Chinese Company’s Encryption Chips

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a...

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

Introduction In today's interconnected world, more and more devices are being connected to the internet, including everyday household items like pet feeders that are becoming smart by virtue of this simple fact. However, as these devices become more sophisticated, they also become more vulnerable.....

Activities in the Cybercrime Underground Require a New Approach to Cybersecurity

As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at Cybersixgill released the annual report, The State of the Cybercrime Underground. The research stems from an analysis of Cybersixgill's collected intelligence items...

Unbreakable Enterprise kernel security update

[5.15.0-102.110.5] - RISC-V: Fix up a cherry-pick warning in setup_vm_final() (Alexandre Ghiti) - Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (Liu Jian) - riscv: mm: remove redundant parameter of create_fdt_early_page_table (Song Shuai) - kernfs:...

Unbreakable Enterprise kernel security update

[5.4.17-2136.320.7] - selftests: fib_tests: mute cleanup error message (Po-Hsu Lin) - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Filter out v8.1+ events on v8.0 HW (Marc Zyngier) [Orabug: 35449815] - KVM:...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.320.7.el8] - selftests: fib_tests: mute cleanup error message (Po-Hsu Lin) - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Filter out v8.1+ events on v8.0 HW (Marc Zyngier) [Orabug: 35449815] -...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.320.7.el7] - selftests: fib_tests: mute cleanup error message (Po-Hsu Lin) - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Filter out v8.1+ events on v8.0 HW (Marc Zyngier) [Orabug: 35449815] -...

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses limits put in place to counter failed biometric authentication...

Fedora 14 : kernel-2.6.35.6-48.fc14 (2010-16826)

Fix several important security issues. Also fixes suspend on some systems with TPM chips, enables additional Ricoh SDHC adapters, and fixes a problem with the error message printed when an Intel IOMMU gets disabled. Note that Tenable Network Security has extracted the preceding description block...

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with...

The Bug Report - March 2023 Edition

The Bug Report – March 2023 Edition By Trellix · April 05, 2023 This story was also written by Kasimir Schulz. It really is bussin, though. Why am I here? Welcome back to the Bug Report, Ides of March edition! Last month was highlighted by glimpses into the past, with a historic attack...

The Bug Report - March 2023 Edition

The Bug Report – March 2023 Edition By Trellix · April 05, 2023 This story was also written by Kasimir Schulz. It really is bussin, though. Why am I here? Welcome back to the Bug Report, Ides of March edition! Last month was highlighted by glimpses into the past, with a historic attack...

ChatGPT happy to write ransomware, just really bad at it

This morning I decided to write some ransomware. I've never done it before, and I can't code in C, the language ransomware is mostly commonly written in, but I have a reasonably good idea of what ransomware does. Previously, this lack of technical skills would have served as something of a barrier....

Threat Source newsletter (March 23, 2023) — Meta is threatening to ban news sharing in Canada. Good.

Welcome to this week's edition of the Threat Source newsletter. After asking ChatGPT to write the newsletter for me two weeks ago, I was tempted to have Google's Bard do the same, but I resisted making this the newsletter's new gimmick. Instead, I wanted to write about another tech giant -- Meta......

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo,....

Unbreakable Enterprise kernel security update

[5.4.17-2136.317.5.3] - udf: Fix file corruption when appending just after end of preallocated extent (Jan Kara) [Orabug: 35192150] - selftests/ftrace: Fix bash specific '==' operator (Masami Hiramatsu (Google)) [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64()...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.317.5.3] - udf: Fix file corruption when appending just after end of preallocated extent (Jan Kara) [Orabug: 35192150] - selftests/ftrace: Fix bash specific '==' operator (Masami Hiramatsu (Google)) [Orabug: 35192150] - net: Fix unwanted sign extension in netdev_stats_to_stats64()...

Highlights from the New U.S. Cybersecurity Strategy

The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. The White House's new national cybersecurity...

K02326457 : Multiple AMD processor vulnerabilities

Security Advisory Description CVE-2018-8930 The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. CVE-2018-8931 The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips...

K60570139 : Rowhammer hardware vulnerability CVE-2020-10255

Security Advisory Description Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create...

K23440942 : Insufficient validation of ICMP error messages CVE-2004-0790 (11.x - 13.x)

Security Advisory Description The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through 13.x. For information about earlier versions, refer to K4583: Insufficient validation of ICMP error messages - VU#222750 /...

Chip company loses $250m after ransomware hits supply chain

Applied Materials, one of the world's leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers. MKS Instruments Inc.....

Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices

A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. "Threat actors can exploit...

gratis-chips-gewinnen.de Cross Site Scripting vulnerability OBB-3033879

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Multiple MediaTek chips ims elevation of privilege vulnerabilities

MediaTek chips are a variety of chips from MediaTek, a China-based MediaTek company. Several MediaTek chips ims have an elevation of privilege vulnerability, which stems from a mismatch in the package format and can be exploited by attackers for elevation of...

Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated.....

Multiple MediaTek chip telephony privilege elevation vulnerabilities

MediaTek chips are a variety of chips from MediaTek, a China-based MediaTek company. Several MediaTek chips telephony has elevation of privilege vulnerability, the vulnerability originated from the package format mismatch, attackers can use the vulnerability for elevation of...

Allwinner 3.4 Legacy Kernel Local Privilege Escalation

This module attempts to exploit a debug backdoor privilege escalation in Allwinner SoC based devices. Vulnerable Allwinner SoC chips: H3, A83T or H8 which rely on Kernel 3.4. Vulnerable OS: all OS images available for Orange Pis, any for FriendlyARM's NanoPi M1, SinoVoip's M2+ and M3, Cuebietech's....

State Sponsored Attacks in 2023 and Beyond

As we begin 2023 I wanted to take some time and look at the state sponsored threat landscape. Over the last few decades we've seen seismic shifts in how state sponsored actors attack, starting with traditional espionage with attacks like Moonlight Maze and Project Gunman and evolving into more...

Code injection

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8....

CVE-2020-6616

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8....

CVE-2020-6616

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8....

Unbreakable Enterprise kernel-container security update

[4.14.35-2047.521.4.el7] - tcp: Tunables for TCP delayed ack (min and max) timers (Venkat Venkatsubra) [Orabug: 34883100] [4.14.35-2047.521.3.el7] - Revert 'random: use expired timer rather than wq for mixing fast pool' (Saeed Mirzamohammadi) [Orabug: 34918228] [4.14.35-2047.521.2.el7] -...

Unbreakable Enterprise kernel security update

[4.14.35-2047.521.4] - tcp: Tunables for TCP delayed ack (min and max) timers (Venkat Venkatsubra) [Orabug: 34883100] [4.14.35-2047.521.3] - Revert 'random: use expired timer rather than wq for mixing fast pool' (Saeed Mirzamohammadi) [Orabug: 34918228] [4.14.35-2047.521.2] - RDS/IB: Fix the...