woff-0.20091126-34.fc36

Read Time:12 Second

FEDORA-2022-706c76c4f0

Packages in this update:

woff-0.20091126-34.fc36

Update description:

Fix a possible double free in woffEncode().

Update License to SPDX
improved summary and description
Add hand-written man pages
Install HTML format description as documentation

Read More

CVE-2021-31693

Read Time:20 Second

VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS.

Read More

USN-5728-3: Linux kernel (GCP) vulnerabilities

Read Time:2 Minute, 43 Second

Jann Horn discovered that the Linux kernel did not properly track memory
allocations for anonymous VMA mappings in some situations, leading to
potential data structure reuse. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-42703)

It was discovered that a race condition existed in the memory address space
accounting implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-41222)

It was discovered that a race condition existed in the instruction emulator
of the Linux kernel on Arm 64-bit systems. A local attacker could use this
to cause a denial of service (system crash). (CVE-2022-20422)

It was discovered that the KVM implementation in the Linux kernel did not
properly handle virtual CPUs without APICs in certain situations. A local
attacker could possibly use this to cause a denial of service (host system
crash). (CVE-2022-2153)

Hao Sun and Jiacheng Xu discovered that the NILFS file system
implementation in the Linux kernel contained a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-2978)

Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64
processors, the Linux kernel’s protections against speculative branch
target injection attacks were insufficient in some circumstances. A local
attacker could possibly use this to expose sensitive information.
(CVE-2022-29901)

Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2022-3028)

It was discovered that the Netlink device interface implementation in the
Linux kernel did not properly handle certain error conditions, leading to a
use-after-free vulnerability with some network device drivers. A local
attacker with admin access to the network device could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-3625)

It was discovered that the IDT 77252 ATM PCI device driver in the Linux
kernel did not properly remove any pending timers during device exit,
resulting in a use-after-free vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-3635)

Jann Horn discovered a race condition existed in the Linux kernel when
unmapping VMAs in certain situations, resulting in possible use-after-free
vulnerabilities. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2022-39188)

Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX
storage controller driver in the Linux kernel did not properly handle
certain structures. A local attacker could potentially use this to expose
sensitive information (kernel memory). (CVE-2022-40768)

Sönke Huster discovered that a use-after-free vulnerability existed in the
WiFi driver stack in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-42719)

Read More

CyberDanube Security Research 20221124-0 | Authenticated Command Injection Hirschmann BAT-C2

Read Time:12 Second

Posted by Thomas Weber on Nov 29

CyberDanube Security Research 20221124-0
——————————————————————————-
               title| Authenticated Command Injection
             product| Hirschmann (Belden) BAT-C2
  vulnerable version| 8.8.1.0R8
       fixed version| 09.13.01.00R04
          CVE number| CVE-2022-40282
              impact| High
           …

Read More

Win32.Ransom.Conti / Crypto Logic Flaw

Read Time:20 Second

Posted by malvuln on Nov 29

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/99e55ce93392068c970384ab24a0e13d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Win32.Ransom.Conti
Vulnerability: Crypto Logic Flaw
Description: Conti ransomware FAILS to encrypt non PE files that have a
“.exe” in the filename. Creating specially crafted file names…

Read More

Ransomware Deception Tactics Part 1

Read Time:12 Second

Posted by malvuln on Nov 29

Did you know? some Ransomware like CONTI and others will FAIL to encrypt
non PE files that have a “.exe” in the filename.

Test.exe.docx
Test.exe.pdf

Conti MD5: 9eb9197cd58f4417a27621c4e1b25a71

ATOMSILO MD5: 5559e9f5e1645f8554ea020a29a5a3ee

Read More

Trojan.Win32.DarkNeuron.gen / Named Pipe Null DACL

Read Time:19 Second

Posted by malvuln on Nov 29

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/d891c9374ccb2a4cae2274170e8644d8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Trojan.Win32.DarkNeuron.gen
Vulnerability: Named Pipe Null DACL
Family: DarkNeuron (Turla Group)
Type: PE32
MD5: d891c9374ccb2a4cae2274170e8644d8
Vuln ID: MVID-2022-0661
Disclosure: 11/24/2022…

Read More

Backdoor.Win32.Autocrat.b / Weak Hardcoded Credentials

Read Time:19 Second

Posted by malvuln on Nov 29

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/4262a8b52b902aa2e6bf02a156d1b8d4.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Backdoor.Win32.Autocrat.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware is packed with PeCompact, listens on TCP port 8536
and requires authentication. However, the password…

Read More