Monthly Archives: June 2023

Advisories

[CVE-2023-29459] FC Red Bull Salzburg App “at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity” Arbitrary URL Loading

Read Time:26 Second

Posted by Julien Ahrens (RCE Security) on Jun 02

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: FC Red Bull Salzburg App
Vendor URL: https://play.google.com/store/apps/details?id=laola.redbull
Type: Improper Authorization in Handler for Custom URL Scheme [CWE-939]
Date found: 2023-04-06
Date published: 2023-06-01
CVSSv3 Score: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVE: CVE-2023-29459…

Read More

News

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

Read Time:58 Second

The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and compromised thousands of iPhones devices in Russia, including those of foreign diplomats. In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of its senior employees and upper management were targeted as part of the operation, although unlike the FSB, the company did not attribute the attack to any specific state.

According to the company’s analysis of infected devices, the operation has been ongoing since at least 2019 and starts with victims receiving an invisible message over the ​​iMessage application with an attachment that initiates an exploit chain and then deletes itself. “The deployment of the spyware is completely hidden and requires no action from the user,” Kaspersky Lab’s founder and CEO Eugene Kaspersky said in a blog post. “The spyware then quietly transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation, and data about a number of other activities of the owner of the infected device.”

To read this article in full, please click here

Read More

Advisories

USN-6135-1: Linux kernel (Azure CVM) vulnerabilities

Read Time:1 Minute, 12 Second

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in
the netfilter subsystem of the Linux kernel when processing batch requests,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-32233)

Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)

Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu
Linux kernel contained a race condition when handling inode locking in some
situations. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2023-2612)

Read More