[월:] 2022년 06월

No Image

USN-5466-1: Linux kernel vulnerabilities

2022-06-08 KENNETH 0

USN-5466-1: Linux kernel vulnerabilities It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) It was discovered that the SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations. A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772) It was discovered that the btrfs file system implementation in the Linux kernel did not properly handle locking [ more… ]

No Image

USN-5465-1: Linux kernel vulnerabilities

2022-06-08 KENNETH 0

USN-5465-1: Linux kernel vulnerabilities It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594) Source: USN-5465-1: Linux kernel vulnerabilities

No Image

USN-5464-1: E2fsprogs vulnerability

2022-06-08 KENNETH 0

USN-5464-1: E2fsprogs vulnerability Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code. Source: USN-5464-1: E2fsprogs vulnerability

Load Balancing TCP and UDP Traffic in Kubernetes with NGINX

2022-06-08 KENNETH 0

Load Balancing TCP and UDP Traffic in Kubernetes with NGINX [Editor– This post is an extract from our comprehensive eBook, Managing Kubernetes Traffic with F5 NGINX: A Practical Guide. Download it for free today.] Along with HTTP traffic, NGINX Ingress Controller load balances TCP and UDP traffic, so you can use it to manage traffic for a wide range of apps and utilities based on those protocols, including: MySQL, LDAP, and MQTT – TCP‑based apps used by many popular applications DNS, syslog, and RADIUS – UDP‑based utilities used by edge devices and non‑transactional applications TCP and UDP load balancing with NGINX Ingress Controller is also an effective solution for distributing network traffic to Kubernetes applications in the following circumstances: You are using end-to-end encryption (EE2E) and having the application handle encryption and decryption rather than NGINX Ingress Controller You need high‑performance load balancing [ more… ]

[도서] 코딩의 미래

2022-06-08 KENNETH 0

[도서] 코딩의 미래 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]코딩의 미래 홍전일 저 | 로드북 | 2022년 06월 판매가 14,400원 (10%할인) | YES포인트 800원(5%지급) 20년 이상 독서와 코딩을 즐기는 저자가 코딩 진로를 두고 고민하는 독자들을 위해 쓴 책이다. 설마 인공지능이 우리의 코딩 밥그릇을 빼앗아 갈까? 설마 하는 생각이 자주 현실이 되어버리는 요즘이다. 이 책이 코 Source: [도서] 코딩의 미래