[월:] 2022년 04월

No Image

USN-5358-2: Linux kernel vulnerabilities

2022-04-01 KENNETH 0

USN-5358-2: Linux kernel vulnerabilities It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1055) It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-27666) Source: USN-5358-2: Linux kernel vulnerabilities

No Image

USN-5357-2: Linux kernel vulnerability

2022-04-01 KENNETH 0

USN-5357-2: Linux kernel vulnerability It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Source: USN-5357-2: Linux kernel vulnerability

No Image

Sonic lands in the Candy Kingdom as Great Adventure Season begins

2022-04-01 KENNETH 0

Sonic lands in the Candy Kingdom as Great Adventure Season begins The first week in Candy Crush Saga’s Great Adventure Season has begun with the arrival of a guest starring character in the game – none other than Sonic the Hedgehog. All blue candies this week will be reskinned into a “sonictastic” design in the game, and two different adventures will invite you to join and to collect the blue Sonic Candies: Sonic Dash Collection and The Great Chase. If you manage to get to the top 10 on the leaderboard in the Great Chase or collect at least 5,000 blue Sonic Candies in Sonic Dash Collection, you can take a screenshot of your achievement and claim your Candy Community Sonic badge. Let the fun begin. After the first week Sonic will leave the arena, but the Great Adventure will [ more… ]

No Image

People of WordPress: Juan Aldasoro

2022-04-01 KENNETH 0

People of WordPress: Juan Aldasoro In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature a website developer and project manager from Argentina, who found in the software a way to live his life in the way he dreamed. WordPress offers something to everyone. For Juan Aldasoro, a developer and project manager for a large distributed company, it provides an opportunity to combine his different interests and skills to live the type of life he wanted.  “I like visual, creative and technical things. The joy of WordPress is that you can do all of these things, you don’t have to limit yourself to any one aspect . You can also do this from almost anywhere in the world!” From working [ more… ]

No Image

USN-5360-1: Tomcat vulnerabilities

2022-04-01 KENNETH 0

USN-5360-1: Tomcat vulnerabilities It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. (CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640) It was discovered that Tomcat did not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-9484, CVE-2021-33037) It was discovered that Tomcat did not properly validate the input length. An attacker could possibly use this to trigger an infinite loop, resulting in a denial of service. (CVE-2020-9494, CVE-2021-25329, CVE-2021-41079) Source: USN-5360-1: Tomcat vulnerabilities