[월:] 2021년 03월

No Image

USN-4889-1: Linux kernel vulnerabilities

2021-03-25 KENNETH 0

USN-4889-1: Linux kernel vulnerabilities Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363) Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364) Source: USN-4889-1: Linux kernel vulnerabilities

No Image

USN-4890-1: Linux kernel vulnerabilities

2021-03-25 KENNETH 0

USN-4890-1: Linux kernel vulnerabilities Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170) Source: USN-4890-1: Linux kernel vulnerabilities

NGINX Steps Up to F5 Agility 2021 with App-Driven Events

2021-03-25 KENNETH 0

NGINX Steps Up to F5 Agility 2021 with App-Driven Events This year, F5 Agility returns to the online stage April 20–22 with a wide range of information sessions, talks, and workshops designed to help you get the most out of F5’s products, services, and third‑party integrations. NGINX, as part of F5, has prepared a set of content tailored with you in mind, complete with the latest product releases and features as well as thought‑provoking discussions on app delivery, security, digital architecture, and microservices deployment. Here’s just a short selection of talks and other events which will undoubtedly be of interest to the NGINX community. Find out more about F5 Agility and register! Production-Grade Kubernetes in Action Demand for improved and innovative approaches to deploying Kubernetes has risen sharply over the past few years, and NGINX has risen to the occasion with [ more… ]

No Image

USN-4888-1: ldb vulnerabilities

2021-03-25 KENNETH 0

USN-4888-1: ldb vulnerabilities Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. (CVE-2021-20277) Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-27840) Source: USN-4888-1: ldb vulnerabilities

Announcing Windows 10 Insider Preview Build 21343

2021-03-25 KENNETH 0

Announcing Windows 10 Insider Preview Build 21343 Hello Windows Insiders, today we are releasing Windows 10 Insider Preview Build 21343 (RS_PRERELEASE) to Windows Insiders in the Dev Channel. What’s new in Build 21343 New icons in File Explorer We first began updating the icons in Windows 10 last year starting with the built-in apps. Since then, we have continued updating icons throughout Windows 10 including the icon for Windows Security, the Narrator icon, and most recently the icon for Notepad. Now we’re taking the next step by updating many of the system icons used throughout File Explorer. Please note: After upgrading to this build, any custom folders pinned to Quick Access will disappear. You can either make note of them prior to updating to this build or pause updates until we get a fix in. Several changes, such as the [ more… ]