Monthly Archives: March 2023

Advisories

USN-5939-1: Linux kernel (GCP) vulnerabilities

Read Time:4 Minute, 0 Second

It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)

It was discovered that the NVMe driver in the Linux kernel did not properly
handle reset events in some situations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2022-3169)

It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)

Gwangun Jung discovered a race condition in the IPv4 implementation in the
Linux kernel when deleting multipath routes, resulting in an out-of-bounds
read. An attacker could use this to cause a denial of service (system
crash) or possibly expose sensitive information (kernel memory).
(CVE-2022-3435)

It was discovered that a race condition existed in the Kernel Connection
Multiplexor (KCM) socket implementation in the Linux kernel when releasing
sockets in certain situations. A local attacker could use this to cause a
denial of service (system crash). (CVE-2022-3521)

It was discovered that the Netronome Ethernet driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3545)

It was discovered that the hugetlb implementation in the Linux kernel
contained a race condition in some situations. A local attacker could use
this to cause a denial of service (system crash) or expose sensitive
information (kernel memory). (CVE-2022-3623)

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not
properly perform reference counting in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41218)

It was discovered that the Intel i915 graphics driver in the Linux kernel
did not perform a GPU TLB flush in some situations. A local attacker could
use this to cause a denial of service or possibly execute arbitrary code.
(CVE-2022-4139)

It was discovered that a race condition existed in the Xen network backend
driver in the Linux kernel when handling dropped packets in certain
circumstances. An attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2022-42328, CVE-2022-42329)

It was discovered that the Atmel WILC1000 driver in the Linux kernel did
not properly validate offsets, leading to an out-of-bounds read
vulnerability. An attacker could use this to cause a denial of service
(system crash). (CVE-2022-47520)

It was discovered that the network queuing discipline implementation in the
Linux kernel contained a null pointer dereference in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2022-47929)

José Oliveira and Rodrigo Branco discovered that the prctl syscall
implementation in the Linux kernel did not properly protect against
indirect branch prediction attacks in some situations. A local attacker
could possibly use this to expose sensitive information. (CVE-2023-0045)

It was discovered that a use-after-free vulnerability existed in the
Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could
use this to cause a denial of service (system crash). (CVE-2023-0266)

Kyle Zeng discovered that the IPv6 implementation in the Linux kernel
contained a NULL pointer dereference vulnerability in certain situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-0394)

It was discovered that the Android Binder IPC subsystem in the Linux kernel
did not properly validate inputs in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-20938)

Kyle Zeng discovered that the class-based queuing discipline implementation
in the Linux kernel contained a type confusion vulnerability in some
situations. An attacker could use this to cause a denial of service (system
crash). (CVE-2023-23454)

Kyle Zeng discovered that the ATM VC queuing discipline implementation in
the Linux kernel contained a type confusion vulnerability in some
situations. An attacker could use this to cause a denial of service (system
crash). (CVE-2023-23455)

Read More

News

McAfee Teammates Share How They #EmbraceEquity This International Women’s Day

Read Time:3 Minute, 7 Second

International Women’s Day is a time for us to celebrate the achievements and contributions of women at McAfee and around the world. We reflect on progress, the work ahead, and how all of us can create a more equitable and inclusive world.

Collectively we can #EmbraceEquity and raise awareness of how equity leads to equality today and beyond.

See how Team McAfee embraces equity.

“As a father of two daughters, I want them to be able to embrace any opportunities they encounter and be successful at whatever they put they mind to. So, I embrace equity as it creates the best environment for everyone to succeed and simply, it’s just the right thing to do.” Andrew – Software Sales Senior Manager

“In 2023, I’m hopeful that equity will be embraced by all sectors of our society. When we collectively embrace equity, we create a more equal world that strives to be diverse, inclusive and fair.” Fiona, Accounting Senior Manager

“I embrace equity because I believe that everyone deserves to be treated fairly and have equal opportunities, regardless of their background, identity, or personal characteristics.” – Jeremy, Senior UC Engineer

“Embracing equity will help us advance into a future where we appreciate and value uniqueness of each other!” – Ambareen, Senior Manage, Content Operations & QA, DevOps

“I love the #EmbraceEquity theme as it demonstrates how the conversation has progressed to a point where we are having meaningful conversations about why equality is not enough. Equity-based solutions consider the experiences people have and with that more women can get what they need to succeed. This is a long-term solution and I’m excited for continuing this conversation going forward.” – Keegan, Senior Retail Channel Marketing Manager

“I embrace equity because it’s the right thing. But more than this, because without it there is no way we would be able to achieve our full potential.” – Aaron, VP Finance

“To me, #EmbracingEquity means to accept everyone’s differences, uniqueness, and backgrounds; the very essence that makes us each who we are.”  – Deb, Executive Assistant

“Change won’t happen unless we make it happen. I embrace equity because well it’s so clearly and fundamentally the right thing to do.” – Jared, VP Legal

“Embracing Equity means recognizing and supporting women across the globe, regardless of their background. We come together to empower one another, celebrate our achievements, and continue to build workplaces where ALL women can thrive.”  – Taylor, People Experience Program Manager

“I reaffirm my commitment to raise my voice to help others who need support to be heard, to enable them to succeed in their career and to lead. When we make room for diverse voices – we enrich the social fabric and through this, deepen our own perspectives.” – Natalia, Software Sales

“Gender equality is not just an issue for women to solve, it takes men and allies to lean in and truly remove those barriers. The more we can speak out, the more we can stand up and the more stories we can share the greater chance we have to truly inspire action. We can help create a more equitable world for everyone.” – Mike, Director of Global Transformation

“Humanity is diverse: we’re all unique individuals with our own passions, strengths and weaknesses. Equity is taking that uniqueness into account, so everyone has the resources and opportunities they need to succeed.” – Elodie, Security Researcher

Join McAfee and millions of others around the world in celebrating International Women’s Day by sharing how you’ll #EmbraceEquity.

Interested in finding out more about what we’re doing to drive meaningful change at McAfee? Check out our Impact Report

The post McAfee Teammates Share How They #EmbraceEquity This International Women’s Day appeared first on McAfee Blog.

Read More

Advisories

USN-5938-1: Linux kernel (GKE) vulnerabilities

Read Time:3 Minute, 32 Second

It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)

Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel
did not properly handle VLAN headers in some situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-0179)

It was discovered that the NVMe driver in the Linux kernel did not properly
handle reset events in some situations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2022-3169)

Maxim Levitsky discovered that the KVM nested virtualization (SVM)
implementation for AMD processors in the Linux kernel did not properly
handle nested shutdown execution. An attacker in a guest vm could use this
to cause a denial of service (host kernel crash) (CVE-2022-3344)

Gwangun Jung discovered a race condition in the IPv4 implementation in the
Linux kernel when deleting multipath routes, resulting in an out-of-bounds
read. An attacker could use this to cause a denial of service (system
crash) or possibly expose sensitive information (kernel memory).
(CVE-2022-3435)

It was discovered that a race condition existed in the Kernel Connection
Multiplexor (KCM) socket implementation in the Linux kernel when releasing
sockets in certain situations. A local attacker could use this to cause a
denial of service (system crash). (CVE-2022-3521)

It was discovered that the Netronome Ethernet driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3545)

It was discovered that the Intel i915 graphics driver in the Linux kernel
did not perform a GPU TLB flush in some situations. A local attacker could
use this to cause a denial of service or possibly execute arbitrary code.
(CVE-2022-4139)

It was discovered that a race condition existed in the Xen network backend
driver in the Linux kernel when handling dropped packets in certain
circumstances. An attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2022-42328, CVE-2022-42329)

It was discovered that the NFSD implementation in the Linux kernel
contained a use-after-free vulnerability. A remote attacker could possibly
use this to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2022-4379)

It was discovered that a race condition existed in the x86 KVM subsystem
implementation in the Linux kernel when nested virtualization and the TDP
MMU are enabled. An attacker in a guest vm could use this to cause a denial
of service (host OS crash). (CVE-2022-45869)

It was discovered that the Atmel WILC1000 driver in the Linux kernel did
not properly validate the number of channels, leading to an out-of-bounds
write vulnerability. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2022-47518)

It was discovered that the Atmel WILC1000 driver in the Linux kernel did
not properly validate specific attributes, leading to an out-of-bounds
write vulnerability. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2022-47519)

It was discovered that the Atmel WILC1000 driver in the Linux kernel did
not properly validate offsets, leading to an out-of-bounds read
vulnerability. An attacker could use this to cause a denial of service
(system crash). (CVE-2022-47520)

It was discovered that the Atmel WILC1000 driver in the Linux kernel did
not properly validate specific attributes, leading to a heap-based buffer
overflow. An attacker could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2022-47521)

Lin Ma discovered a race condition in the io_uring subsystem in the Linux
kernel, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-0468)

Read More

News

SANS, Google launch academy to promote cloud security, diversity in workforce

Read Time:28 Second

SANS Institute has launched the SANS Cloud Diversity Academy (SCDA) in partnership with Google, to help provide training and certifications to women, ethnic minorities, Indigenous people and other groups that are currently underrepresented in the cybersecurity sector.

A 2022 report by Cybersecurity Ventures found that women make up only 25% of the cybersecurity workforce globally, while an Aspen Digital Tech Policy report from the same year found that only 9% of cybersecurity experts are Black, about 8% are Asian, and 4% are Hispanic.

To read this article in full, please click here

Read More

Advisories

USN-5937-1: Opusfile vulnerability

Read Time:13 Second

It was discovered that Opusfile was not properly validating pointer
arguments in some of its functions, which could lead to a NULL pointer
dereference. An attacker could possibly use this issue to cause a denial
of service or have other unspecified impacts.

Read More