KENNETH – 페이지 159 – 지락문화예술공작단

USN-6022-1: Kamailio vulnerabilities

2023-04-15 KENNETH 0

USN-6022-1: Kamailio vulnerabilities It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. (CVE-2018-16657) It was discovered that Kamailio did not properly validate INVITE requests under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. (CVE-2020-27507) Source: USN-6022-1: Kamailio vulnerabilities

Announcing Windows 11 Insider Preview Build 23435

2023-04-15 KENNETH 0

Announcing Windows 11 Insider Preview Build 23435 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 23435 to the Dev Channel. What’s new in Build 23435 Gallery in File Explorer We are introducing Gallery, a new feature in File Explorer designed to make it easy to access your photo collection. The set of content shown in Gallery is the same as what you’ll see in the All Photos view in the Photos app. Gallery is optimized for accessing your most recently taken photos. If you have OneDrive Camera Roll Backup set up on your phone, photos you take will show up automatically at the top of the view. You can choose which folders are shown in Gallery through the Collection dropdown. You can also add subfolders of existing sources to filter to a subset of your content, [ more… ]

USN-6021-1: Chromium vulnerabilities

2023-04-14 KENNETH 0

USN-6021-1: Chromium vulnerabilities It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1528, CVE-2023-1530, CVE-2023-1531, CVE-2023-1533, CVE-2023-1811, CVE-2023-1815, CVE-2023-1818) It was discovered that Chromium could be made to access memory out of bounds in WebHID. A remote attacker could possibly use this issue to corrupt memory via a malicious HID device, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1529) It was discovered that Chromium could be made to access memory out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-1532, CVE-2023-1534, [ more… ]

USN-6020-1: Linux kernel (BlueField) vulnerabilities

2023-04-14 KENNETH 0

USN-6020-1: Linux kernel (BlueField) vulnerabilities It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. (CVE-2022-2196) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that the RNDIS [ more… ]

구름과 카카오가 함께한 다섯 번째 구름톤 후기 (1편)

2023-04-14 KENNETH 0

구름과 카카오가 함께한 다섯 번째 구름톤 후기 (1편) 카카오는 자체 기술 행사뿐 아니라, 기술 생태계에서 일어나는 다양한 행사를 지원하고 후원하고 있습니다. 그중에서도 구름(goorm)과 카카오가 함께하는 구름톤(9oormthon)의 이야기를 들려드리려 합니다. 들어가며: 카카오 크루들이 함께하는 구름톤 (구름톤 홈페이지에서 캡처) ‘구름톤’은 카카오 클라우드 플랫폼의 이름인 ‘9rum’과 구름의 영문명 ‘goorm’, ‘Hackathon’의 합성어로 두 구름이 만나 열리는 해커톤입니다. 2022년부터 시작하여 이번 3월에는 5회 차를 맞이했어요. 구름톤 행사에 대한 […] Source: 구름과 카카오가 함께한 다섯 번째 구름톤 후기 (1편)