Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

USN-4977-1: Linux kernel vulnerabilities

2021-06-03 KENNETH 0

USN-4977-1: Linux kernel vulnerabilities Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672) Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673) Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker [ more… ]

Improving font rendering in Microsoft Edge

2021-06-03 KENNETH 0

Improving font rendering in Microsoft Edge Today we are excited to announce improved font rendering in the latest Canary builds of Microsoft Edge on Windows. We have improved the contrast enhancement and gamma correction to match the quality and clarity of other native Windows applications. Font rendering will also now respect user ClearType Tuner settings when applying text contrast enhancement and gamma correction. What’s New? In the latest Canary builds, we now have support for applying the system settings for contrast enhancement and gamma correction of text. You can enable this with the edge://flags#edge-enhance-text-contrast flag. To experiment with different values, run the ClearType Text Tuner (search for “Adjust ClearType text” in the Start menu). Note that Edge must be restarted whenever the settings are changed, and that only the settings for your primary monitor are used. You can see the effect [ more… ]

No Image

Annual Warhammer Skulls Festival launching on PC and Xbox June 3

2021-06-02 KENNETH 0

Annual Warhammer Skulls Festival launching on PC and Xbox June 3 Warhammer Skulls, the annual festival of all things Warhammer video gaming, is coming to Xbox and Windows PC for the first time June 3. To kick off the launch, there will be a special Xbox specific Warhammer Skulls Showcase live streamed to Xbox’s Twitch and YouTube on June 3 at 10 a.m. PST, featuring world premieres, reveals and announcements from leading studios and franchises. Head over to Xbox Wire to find out more. Source: Annual Warhammer Skulls Festival launching on PC and Xbox June 3

No Image

USN-4976-1: Dnsmasq vulnerability

2021-06-02 KENNETH 0

USN-4976-1: Dnsmasq vulnerability Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in certain configurations. A remote attacker could possibly use this issue to facilitate DNS cache poisoning attacks. Source: USN-4976-1: Dnsmasq vulnerability

No Image

USN-4975-1: Django vulnerabilities

2021-06-02 KENNETH 0

USN-4975-1: Django vulnerabilities It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32052) Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. (CVE-2021-33203) It was discovered that Django incorrectly handled IPv4 addresses with leading zeros. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. (CVE-2021-33571) Source: USN-4975-1: Django vulnerabilities