USN-5206-1: Linux kernel (OEM) vulnerability Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. Source: USN-5206-1: Linux kernel (OEM) vulnerability
USN-5207-1: Linux kernel (OEM) vulnerabilities Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002) It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to [ more… ]
CES 2022: ASUS refreshes its gaming lineup and introduces new form factors, CPUs and GPUs At CES 2022, ASUS Republic of Gamers (ROG) introduced new and refreshed Windows 11 devices, such as the ROG Flow Z13, with new form factors for the Zephyrus Duo 16, Zephyrus G14 and Strix series, which also include new CPUs and GPUs. The ROG Flow Z13 is one of the new devices, a gaming tablet that comes with Windows 11, up to a 14-core Intel Core i9-12900H processor, an NVIDIA GeForce RTX 3050 Ti GPU and 5200MHz LPDDR5 memory. It has two display options: a 4K 60Hz display with 85% DCI-P3 coverage, or a Full HD 120Hz screen with a 100% sRGB gamut. Both have Corning Gorilla glass protection on the touch screen, Adaptive Sync, Dolby Vision HDR with 500 nits of brightness and Pantone [ more… ]
CES 2022: Lenovo ushers in new looks and approaches for hybrid work, gaming and everything else At CES 2022, Lenovo introduced Windows 11 devices designed to meet the needs of a wide array of people, including creators, hybrid workers, gamers and environmentally conscious consumers. A decade after Lenovo debuted its 360-degree flexible hinge design on the multi-mode Yoga 2-in-1 laptop at CES, the Yoga continues to span and stretch across form factors with the seventh generation of this defining line of laptops. For this 10th anniversary, the design language reboot shifts towards a new vertically flipped Yoga wordmark and includes curved edges for its convertibles, a gender-neutral color palette, more recycled materials and luxury finishes. A new 14-inch flagship convertible laptop is first up for 2022: the Lenovo Yoga 9i, co-engineered with Intel with a design to meet the requirements [ more… ]
USN-5204-1: Django vulnerabilities Chris Bailey discovered that Django incorrectly handled evaluating submitted passwords. A remote attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2021-45115) Dennis Brinkrolf discovered that Django incorrectly handled the dictsort template filter. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2021-45116) Dennis Brinkrolf discovered that Django incorrectly handled certain file names. A remote attacker could possibly use this issue to save files to arbitrary filesystem locations. (CVE-2021-45452) Source: USN-5204-1: Django vulnerabilities
Copyright © 2024 | WordPress Theme by MH Themes
