[월:] 2023년 01월

No Image

USN-5793-4: Linux kernel (IBM) vulnerabilities

2023-01-11 KENNETH 0

USN-5793-4: Linux kernel (IBM) vulnerabilities It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3910) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the sound [ more… ]

No Image

USN-5793-3: Linux kernel vulnerabilities

2023-01-11 KENNETH 0

USN-5793-3: Linux kernel vulnerabilities It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3910) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the sound subsystem [ more… ]

No Image

WordPress is Turning 20: Let’s Celebrate!

2023-01-11 KENNETH 0

WordPress is Turning 20: Let’s Celebrate! 2023 marks the 20th year of WordPress. Where would we all be without WordPress? Just think of that! While many technologies, software stacks, and fashion trends have come and gone throughout the past two decades, WordPress has thrived. This is due to the fantastic work and contributions of the WordPress community, comprised of thousands of contributors; and millions of users who have embraced the four freedoms of WordPress and the mission to democratize publishing. Let’s celebrate! Throughout the beginning of 2023, leading up to the official anniversary date of WordPress’s launch (May 27, 2003), a number of different events will celebrate this important milestone, reflect on the journey, and look toward the future. Please join in! Over the next few months, be sure to check WordPress’s official social media accounts along with the official [ more… ]

No Image

USN-5798-1: .NET 6 vulnerability

2023-01-11 KENNETH 0

USN-5798-1: .NET 6 vulnerability Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint. Source: USN-5798-1: .NET 6 vulnerability

No Image

USN-5791-3: Linux kernel (Azure) vulnerabilities

2023-01-11 KENNETH 0

USN-5791-3: Linux kernel (Azure) vulnerabilities It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) It was discovered that the sound subsystem in the Linux kernel contained a race condition in some [ more… ]