The Expel Quarterly Threat Report distills the threats and trends the Expel SOC saw in Q2. Download it now.

Graham Cluley Security News is sponsored this week by the folks at Expel. Thanks to the great team there for their support! Every quarter, the Expel security operations centre (SOC) publishes its Quarterly Threat Report (QTR) to distill all the trends, notable new behaviours, and unusual attacks it saw in the previous quarter. By sharing …

linux-firmware-20230919-1.fc39

FEDORA-2023-dd3ebcea25

Packages in this update:

linux-firmware-20230919-1.fc39

Update description:

Update to upstream 20230919 release:

amd-ucode: Add note on fam19h warnings
i915: update MTL HuC to version 8.5.4
amdgpu: update DMCUB to 0.0.183.0 for various AMDGPU ASICs
qcom: add link to sc8280xp audioreach firmware
qcom: sm8250: add RB5 sensors DSP firmware
qcom: Update vpu-1.0 firmware
qcom: sm8250: update DSP firmware
qcom: add firmware for the onboard WiFi on qcm2290 / qrb4210
qcom: add venus firmware files for v6.0
qcom: add firmware for QRB4210 platforms
qcom: add firmware for QCM2290 platforms
qcom: add GPU firmware for QCM2290 / QRB2210
ath10k/WCN3990: move wlanmdsp to qcom/sdm845
QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00605
Fix carl9170fw shell scripts for shellcheck errors
i915: Update MTL DMC to v2.16
Update firmware file for Intel Bluetooth AX200/AX201/AX203/AX210/AX211
Update firmware for qat_4xxx devices
Update AMD SEV firmware
rtw89: 8852b: update fw to v0.29.29.3
rtw89: 8851b: update fw to v0.29.41.2
i915: add GSC 102.0.0.1655 for MTL
cirrus: Add CS35L41 firmware for HP G11 models
Update AMD cpu microcode
rtl_bt: Add firmware v2 file for RTL8852C
Revert “rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225”
cxgb4: Update firmware to revision 1.27.4.0

linux-firmware-20230919-1.fc38

FEDORA-2023-4056a5c165

Packages in this update:

linux-firmware-20230919-1.fc38

Update description:

Update to upstream 20230919 release:

amd-ucode: Add note on fam19h warnings
i915: update MTL HuC to version 8.5.4
amdgpu: update DMCUB to 0.0.183.0 for various AMDGPU ASICs
qcom: add link to sc8280xp audioreach firmware
qcom: sm8250: add RB5 sensors DSP firmware
qcom: Update vpu-1.0 firmware
qcom: sm8250: update DSP firmware
qcom: add firmware for the onboard WiFi on qcm2290 / qrb4210
qcom: add venus firmware files for v6.0
qcom: add firmware for QRB4210 platforms
qcom: add firmware for QCM2290 platforms
qcom: add GPU firmware for QCM2290 / QRB2210
ath10k/WCN3990: move wlanmdsp to qcom/sdm845
QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00605
Fix carl9170fw shell scripts for shellcheck errors
i915: Update MTL DMC to v2.16
Update firmware file for Intel Bluetooth AX200/AX201/AX203/AX210/AX211
Update firmware for qat_4xxx devices
Update AMD SEV firmware
rtw89: 8852b: update fw to v0.29.29.3
rtw89: 8851b: update fw to v0.29.41.2
i915: add GSC 102.0.0.1655 for MTL
cirrus: Add CS35L41 firmware for HP G11 models
Update AMD cpu microcode
rtl_bt: Add firmware v2 file for RTL8852C
Revert “rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225”
cxgb4: Update firmware to revision 1.27.4.0

linux-firmware-20230919-1.fc37

FEDORA-2023-defb0a89ff

Packages in this update:

linux-firmware-20230919-1.fc37

Update description:

Update to upstream 20230919 release:

amd-ucode: Add note on fam19h warnings
i915: update MTL HuC to version 8.5.4
amdgpu: update DMCUB to 0.0.183.0 for various AMDGPU ASICs
qcom: add link to sc8280xp audioreach firmware
qcom: sm8250: add RB5 sensors DSP firmware
qcom: Update vpu-1.0 firmware
qcom: sm8250: update DSP firmware
qcom: add firmware for the onboard WiFi on qcm2290 / qrb4210
qcom: add venus firmware files for v6.0
qcom: add firmware for QRB4210 platforms
qcom: add firmware for QCM2290 platforms
qcom: add GPU firmware for QCM2290 / QRB2210
ath10k/WCN3990: move wlanmdsp to qcom/sdm845
QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00605
Fix carl9170fw shell scripts for shellcheck errors
i915: Update MTL DMC to v2.16
Update firmware file for Intel Bluetooth AX200/AX201/AX203/AX210/AX211
Update firmware for qat_4xxx devices
Update AMD SEV firmware
rtw89: 8852b: update fw to v0.29.29.3
rtw89: 8851b: update fw to v0.29.41.2
i915: add GSC 102.0.0.1655 for MTL
cirrus: Add CS35L41 firmware for HP G11 models
Update AMD cpu microcode
rtl_bt: Add firmware v2 file for RTL8852C
Revert “rtl_bt: Update RTL8852C BT USB firmware to 0x040D_7225”
cxgb4: Update firmware to revision 1.27.4.0

USN-6388-1: Linux kernel vulnerabilities

Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain
sensitive information. (CVE-2022-40982)

Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-3212)

It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32269)

It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)

It was discovered that the Bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)

It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)

It was discovered that the JFS file system implementation in the Linux
kernel did not properly validate memory allocations in certain situations,
leading to a null pointer dereference vulnerability. An attacker could use
this to construct a malicious JFS image that, when mounted, could cause a
denial of service (system crash). (CVE-2023-4385)

It was discovered that the VMware VMXNET3 ethernet driver in the Linux
kernel contained a use-after-free vulnerability in certain situations. A
local attacker in a guest VM could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-4387)

It was discovered that the VMware VMXNET3 ethernet driver in the Linux
kernel did not properly handle errors in certain situations, leading to a
null pointer dereference vulnerability. A local attacker in a guest VM
could use this to cause a denial of service (system crash). (CVE-2023-4459)

USN-6387-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that the Bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)

It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)

USN-6386-1: Linux kernel vulnerabilities

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that the Bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)

It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)

Lonial Con discovered that the netfilter subsystem in the Linux kernel
contained a memory leak when handling certain element flush operations. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2023-4569)
