USN-4484-1: Linux kernel vulnerability

2020-09-02 KENNETH 0

It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356)

Source: USN-4484-1: Linux kernel vulnerability

USN-4486-1: Linux kernel vulnerability

2020-09-02 KENNETH 0

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash).

Source: USN-4486-1: Linux kernel vulnerability

USN-4485-1: Linux kernel vulnerabilities

2020-09-02 KENNETH 0

Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-20669)

It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)

Chuhong Yuan discovered that the go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810)

It was discovered that the ELF handling code in the Linux kernel did not initialize memory before using it in certain situations. A local [ more… ]

What Has Changed in the Six Months Since Joining – The Story After the 2020 New-Hire Onboarding Program

2020-09-02 KENNETH 0

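Last March, we sat down with Albus, David, and Tate, who were taking their first steps as Kakao developers, for a candid conversation about the two-month onboarding program for new developers. (Looking Back on the Two-Month New-Developer Onboarding Program – An Interview with New Developers) Because the whole company moved to remote work due to COVID-19 just as they had been assigned to their teams, that interview was also held over video; now, with on-site work […]

Source: What Has Changed in the Six Months Since Joining – The Story After the 2020 New-Hire Onboarding Program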

USN-4483-1: Linux kernel vulnerabilities

2020-09-02 KENNETH 0

Chuhong Yuan discovered that the go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810)

Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757)

It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766)

It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767) [ more… ]