[월:] 2019년 02월

No Image

USN-3878-3: Linux kernel regression

2019-02-09 KENNETH 0

USN-3878-3: Linux kernel regression linux, linux-hwe regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Summary USN-3878-1 introduced a regression in the Linux kernel. Software Description linux – Linux kernel linux-hwe – Linux hardware enablement (HWE) kernel Details USN-3878-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that could prevent systems with certain graphics chipsets from booting. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625) Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of [ more… ]

No Image

Announcing Windows 10 Insider Preview Build 18334

2019-02-09 KENNETH 0

Announcing Windows 10 Insider Preview Build 18334 Hello Windows Insiders, today we are releasing Windows 10 Insider Preview Build 18334 (19H1) to Windows Insiders in the Fast ring. REMINDER: As is normal with builds early in the development cycle, builds may contain bugs that might be painful for some. If this makes you uncomfortable, you may want to consider switching to the Slow ring. Slow ring builds will continue to be higher quality. If you are looking for a complete look at what build is in which Insider ring – head on over to Flight Hub. You can also check out the rest of our documentation here including a complete list of new features and updates that have gone out as part of Insider flights for the current development cycle (which currently is 19H1). What’s new in Build 18334 Gaming [ more… ]

No Image

WordPress 5.1 Release Candidate

2019-02-08 KENNETH 0

WordPress 5.1 Release Candidate The first release candidate for WordPress 5.1 is now available! This is an important milestone, as the release date for WordPress 5.1 draws near. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.1 is scheduled to be released on Thursday, February 21, but we need your help to get there—if you haven’t tried 5.1 yet, now is the time! There are two ways to test the WordPress 5.1 release candidate: try the WordPress Beta Tester plugin (you’ll want to select the “bleeding edge nightlies” option), or you can download the release candidate here (zip). What’s in WordPress 5.1? Inspired by Archie Bell & The Drells, WordPress’s theme for 2019 is to “tighten up”, and WordPress 5.1 focussed on [ more… ]

No Image

USN-3878-2: Linux kernel (Azure) vulnerabilities

2019-02-08 KENNETH 0

USN-3878-2: Linux kernel (Azure) vulnerabilities linux-azure vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Summary Several security issues were fixed in the Linux kernel. Software Description linux-azure – Linux kernel for Microsoft Azure Cloud systems Details It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625) Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use (nested KVM virtualization is not enabled by default in Ubuntu kernels). A local attacker in a guest VM could possibly use this to gain administrative privileges [ more… ]

No Image

USN-3871-5: Linux kernel (Azure) vulnerabilities

2019-02-08 KENNETH 0

USN-3871-5: Linux kernel (Azure) vulnerabilities linux-azure vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux-azure – Linux kernel for Microsoft Azure Cloud systems Details Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10876, CVE-2018-10879) Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10877) [ more… ]