An issue has been found in sniproxy, a transparent TLS and HTTP layer 4
proxy with SNI support. Due to bad handling of wildcard backend hosts,
a crafted HTTP or TLS packet might lead to remote arbitrary code
execution.
It’s only a smart lightbulb. Why would anyone want to hack that?
Great question. Because it gets to the heart of security matters for your IoT smart home devices.
Internet of Things (IoT) devices have certainly made themselves at home in recent years. Once a novelty, they’ve become far more commonplace. The numbers bear that out. Recent research indicates that the average U.S. household has 20.2 connected devices. Europe has 17.4 on average, while Japan trails at 10.3.
Of course, those figures largely account for computers, tablets, phones, and internet-connected smart TVs. Yet the study uncovered a sizable jump in the presence of other smart devices.
Comparing 2022 to 2021, smart homes worldwide had:
55% more cameras.
43% more smart doorbells.
38% more home hubs.
25% more smart light bulbs.
23% more smart plugs.
19% more smart thermostats.
Consider that connected devices in the home rose just 10% globally during the same timeframe. It’s clear that IoT smart home device ownership is on the upswing. Yet has security kept up with all that growth?
That security question brings us back to the lightbulb.
An adage in security is this: if a device gets connected, it gets protected. And that protection has to be strong because a network is only as secure as its weakest link. Unfortunately, many IoT devices are indeed the weakest security links on home networks.
Some recent research sheds light on what’s at stake. Cybersecurity teams at the Florida Institute of Technology found that companion apps for several big brand smart devices had security flaws. Of the 20 apps linked to connected doorbells, locks, security systems, televisions, and cameras they studied, 16 had “critical cryptographic flaws” that might allow attackers to intercept and modify their traffic. These flaws might lead to the theft of login credentials and spying, the compromise of the connected device, or the compromise of other devices and data on the network.
Over the years, our research teams at McAfee Labs have uncovered similar security vulnerabilities in other IoT devices like smart coffee makers and smart wall plugs.
Vulnerabilities such as these have the potential to compromise other devices on the network.
Let’s imagine a smart lightbulb with poor security measures. As part of your home network, a motivated hacker might target it, compromise it, and gain access to the other devices on your network. In that way, a lightbulb might lead to your laptop—and all the files and data on it.
So yes, someone might be quite interested in hacking your lightbulb.
One Friday morning in 2016, great swathes of the American internet ground to a halt.
Major websites and services became unresponsive as internet directory services got flooded with millions and millions of malicious requests. As such, millions and millions of people were affected, along with public agencies and private businesses alike. Behind it, a botnet. An internet drone army of compromised IOT devices like digital video recorders and webcams.
Known as the Mirai botnet, its initial purpose was to target Minecraft game servers. Essentially to “grief” innocent players. Yet it later found its way into other hands. From there, it became among the first high-profile botnet attacks on the internet.
Botnet attacks can be small and targeted, such as when bad actors want to target a certain business (or game servers). And they can get as large as Mirai did. Regardless of size, these attacks rely on compromised devices. Consumer IoT devices often get targeted for such purposes for the same reasons listed above. They can lack strong security features out of the box, making them easy to enlist in a botnet.
In all, the threat of botnets makes another strong case for securing your devices.
To put a fine point on it, security in your smart home is an absolute must. And you can make your smart home far more secure with a few steps.
Many smart home devices use a smartphone as a sort of remote control, and to gather, store, and share data. So whether you’re an Android owner or an iOS owner, protect your smartphone so you can protect the things it accesses and controls—and the data stored on it too.
One issue with many IoT devices is that they often come with a default username and password. This could mean that your device and thousands of others just like it share the same credentials. That makes it easy for a hacker to access to them because those default usernames and passwords are often published online.
When you purchase any IoT device, set a fresh password using a strong method of password creation. Likewise, create an entirely new username for additional protection as well.
Banks and other online services commonly offer multi-factor authentication to help protect your accounts. In addition to using a username and password for login, it sends a security code to another device you own (often a mobile phone). It throws a big barrier in the way of hackers who try to force their way into your device with a password/username combination. If your IoT devices support multi-factor authentication, consider using it with them too.
Another device that needs good password protection is your internet router. Make sure you use a strong and unique password as well to help prevent hackers from breaking into your home network. Also consider changing the name of your home network so that it doesn’t personally identify you.
Fun alternatives to using your name or address include everything from movie lines like “May the Wi-Fi be with you” to old sitcom references like “Central Perk.” Also check that your router is using an encryption method, like WPA2 or the newer WPA3, which will keep your signal secure.
Older routers might have outdated security measures, which might make them more prone to attacks. If you’re renting yours from your internet provider, contact them for an upgrade. If you’re using your own, visit a reputable news or review site such as Consumer Reports for a list of the best routers that combine speed, capacity, and security.
In addition to fixing the odd bug or adding the occasional new feature, updates often fix security gaps. Out-of-date apps and devices might have flaws that hackers can exploit, so update regularly. If you can set your smart home apps and devices to receive automatic updates, select that option so that you’ll always have the latest.
Just as you can offer your guests secure access that’s separate from your own devices, you can create an additional network on your router that keeps your computers and smartphones separate from IoT devices. This way, if an IoT device is compromised, a hacker will still have difficulty accessing your other devices on your primary network that hosts your computers and smartphones.
You can take another strong security step before you even bring that new smart device home. Research.
Unfortunately, there are few consumer standards for smart devices. That’s unlike other household appliances. They must comply with government regulations, industry standards, and consumer-friendly standards like Energy Star ratings. So, some of the research burden falls on the buyer when it comes to purchasing the most secure devices.
Here are a few steps that can help:
A positive or high customer rating for a smart device is a good place to start, yet purchasing a safer device takes more than that. Impartial third-party reviewers like Consumer Reports will offer thorough reviews of smart devices and their security, as part of a paid subscription.
Likewise, look for other resources that account for device and data security in their writeups, such as the “Privacy Not Included” website. Run by a nonprofit organization, it reviews a wealth of apps and smart devices based on the strength of their security and privacy measures.
Whether you’re looking at a device made by a well-known company or one you haven’t heard of before, a web search can show you if they’ve had any reported privacy or security issues in the past. And just because you might be looking at a popular brand name doesn’t mean that you’ll make yourself more private or secure by choosing them. Companies of all sizes and years of operation have encountered problems with their smart home devices.
What you should look for, though, is how quickly the company addresses any issues and if they consistently have problems with them. Again, you can turn to third-party reviewers or reputable news sources for information that can help shape your decision.
Some smart devices will provide you with options around what data they collect and then what they do with it after it’s collected. Hop online and see if you can download some instructions for manuals for the devices you’re considering. They might explain the settings and permissions that you can enable or disable.
As mentioned above, multi-factor authentication provides an additional layer of protection. It makes things much more difficult for a hacker or bad actor to compromise your device, even if they know your password and username. Purchase devices that offer this as an option. It’s a terrific line of defense.
Some manufacturers are more security- and privacy-minded than others. Look for them. You might see a camera that has a physical shutter that caps the lens and blocks recording when it’s not in use. You might also find doorbell cameras that store video locally, instead of uploading it to the cloud where others can potentially access it. Also look for manufacturers that call out their use of encryption, which can further protect your data in transit.
Even the smallest of IoT smart home devices can lead to big issues if they’re not secured.
It only takes one poorly secured device to compromise everything else on an otherwise secure network. And with manufacturers in a rush to capitalize on the popularity of smart home devices, sometimes security takes a back seat. They might not thoroughly design their products for security up front, and they might not regularly update them for security in the long term.
Meanwhile, other manufacturers do a fine job. It takes a bit of research on the buyer’s part to find out which manufacturers handle security best.
Aside from research, a few straightforward steps can keep your smart devices and your network safe. Just as with any other connected device, strong passwords, multi-factor authentication, and regular updates remain key security steps.
For a secure smart home, just remember the adage: if a device gets connected, it gets protected.
The post Make Your Smart Home a Secure Home Too: Securing Your IoT Smart Home Devices appeared first on McAfee Blog.
microcode_ctl-2.1-55.fc38
Update to upstream 2.1-40. 20230516
Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000230;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
0x2b000461;
Addition of 06-8f-04/0x10 microcode at revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode at revision
0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision
0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-05) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode at revision
0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode at revision
0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode at revision
0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-08) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode at revision
0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode at revision
0x2c0001d1;
Addition of 06-b7-01/0x32 (RPL-S S0) microcode at revision 0x113;
Addition of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode at revision
0x4112;
Addition of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) at revision 0x4112;
Addition of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) at revision 0x4112;
Addition of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode at revision 0x4112;
Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
Addition of 06-9a-04/0x40 (AZB A0/R0) microcode at revision 0x4;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015e
up to 0x1000171;
Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from
revision 0x2006e05 up to 0x2006f05;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003302
up to 0x4003501;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003302 up to 0x5003501;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002501
up to 0x7002601;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000375
up to 0xd000390;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3c up
to 0x3e;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x20 up
to 0x22;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb2
up to 0xba;
Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x31 up
to 0x33;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0xa4 up to 0xaa;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x28 up
to 0x2a;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x40 up
to 0x44;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xf0
up to 0xf2;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from
revision 0xf0 up to 0xf2;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xf0 up
to 0xf2;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode from revision 0xf0 up to 0xf6;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x16 up
to 0x17;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x421 up to 0x42a;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x421 up to 0x42a;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x421 up to 0x42a;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x421
up to 0x42a;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000023
up to 0x24000024;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from
revision 0xf0 up to 0xf2;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xf0 up to 0xf2;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xf0
up to 0xf2;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision
0xf0 up to 0xf2;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0xf0 up to 0xf8;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf0 up
to 0xf6;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf0
up to 0xf6;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf0
up to 0xf6;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf0
up to 0xf6;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf0 up to 0xf6;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x54 up
to 0x58;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x22
up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3).
Addresses CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090
microcode_ctl-2.1-53.1.fc37
Update to upstream 2.1-40. 20230516
Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000230;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
0x2b000461;
Addition of 06-8f-04/0x10 microcode at revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode at revision
0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision
0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-05) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode at revision
0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode at revision
0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) at revision 0x2c0001d1;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode at revision
0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000461;
Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) at
revision 0x2c0001d1;
Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) at revision 0x2c0001d1;
Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-06/0x10 (SPR-HBM B2) microcode (in
intel-ucode/06-8f-08) at revision 0x2c0001d1;
Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000461;
Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode at revision
0x2b000461;
Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode at revision
0x2c0001d1;
Addition of 06-b7-01/0x32 (RPL-S S0) microcode at revision 0x113;
Addition of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode at revision
0x4112;
Addition of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) at revision 0x4112;
Addition of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) at revision 0x4112;
Addition of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode at revision 0x4112;
Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
Addition of 06-9a-04/0x40 (AZB A0/R0) microcode at revision 0x4;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015e
up to 0x1000171;
Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode from
revision 0x2006e05 up to 0x2006f05;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003302
up to 0x4003501;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003302 up to 0x5003501;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002501
up to 0x7002601;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000375
up to 0xd000390;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3c up
to 0x3e;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x20 up
to 0x22;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb2
up to 0xba;
Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x31 up
to 0x33;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
0xa4 up to 0xaa;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x28 up
to 0x2a;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x40 up
to 0x44;
Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode from revision 0xf0
up to 0xf2;
Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode from
revision 0xf0 up to 0xf2;
Update of 06-8e-0b/0xd0 (WHL-U W0) microcode from revision 0xf0 up
to 0xf2;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode from revision 0xf0 up to 0xf6;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x16 up
to 0x17;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x421 up to 0x42a;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x421 up to 0x42a;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x421 up to 0x42a;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x421
up to 0x42a;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000023
up to 0x24000024;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from
revision 0xf0 up to 0xf2;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision
0xf0 up to 0xf2;
Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode from revision 0xf0
up to 0xf2;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision
0xf0 up to 0xf2;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision
0xf0 up to 0xf8;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf0 up
to 0xf6;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf0
up to 0xf6;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf0
up to 0xf6;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf0
up to 0xf6;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf0 up to 0xf6;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x54 up
to 0x58;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x22
up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x22 up to 0x2c (old pf 0x3);
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3).
Addresses CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090
Perception Point said the increase is due to the adoption of new cloud collaboration apps
The vulnerability was discovered by Salt Security and has a CVSS score of 9.6
The threat actors used sophisticated tactics to evade detection during their malicious activities
Graham Cluley Security News is sponsored this week by the fab folks at Kolide. Thanks to the great team there for their support! Right now, “Zero Trust” is in serious danger of becoming an empty buzzword. The problem isn’t just that marketers have slapped the Zero Trust label on everything short of breakfast cereal–it’s that … Continue reading “Can zero trust be saved?”
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-3707)
Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did
not properly implement speculative execution barriers in usercopy functions
in certain situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2023-0459)
It was discovered that the TLS subsystem in the Linux kernel contained a
type confusion vulnerability in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-1075)
It was discovered that the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel contained a type confusion vulnerability
in some situations. An attacker could use this to cause a denial of service
(system crash). (CVE-2023-1078)
Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel
did not properly initialize some data structures. A local attacker could
use this to expose sensitive information (kernel memory). (CVE-2023-1513)
It was discovered that a use-after-free vulnerability existed in the iSCSI
TCP implementation in the Linux kernel. A local attacker could possibly use
this to cause a denial of service (system crash). (CVE-2023-2162)
It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32269)
Duoming Zhou discovered that a race condition existed in the infrared
receiver/transceiver driver in the Linux kernel, leading to a use-after-
free vulnerability. A privileged attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-1118)
Cybersecurity professionals who need to track the latest vulnerability exploits now have a new tool designed to make their job easier, with the launch today of VulnCheck XDB, a database of exploits and proof of concepts hosted on Git repositories.
The tool, from cyberthreat intelligence provider VulnCheck, is aimed at helping vulnerability researchers and security teams prioritize vulnerabilities based on the availability and criticality of new exploits that have been made public.
“There is a significant gap in exploit databases available today for modern security teams,” said Anthony Bettini, CEO and founder of VulnCheck. “That’s why we’re excited to launch XDB. This complementary tool will be instrumental in helping researchers, offensive teams and detection engineers solve the vulnerability prioritization challenge and bolster security.”
