Read Time:3 Second
Privacy International warns UK is “sleepwalking into public mass surveillance”
Daily Archives: November 10, 2023
tor-0.4.8.9-1.fc39
Read Time:10 Second
FEDORA-2023-36344fb44b
Packages in this update:
tor-0.4.8.9-1.fc39
Update description:
update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-9/10155
CherryBlos, the malware that steals cryptocurrency via your photos – what you need to know
tor-0.4.8.9-1.el8
Read Time:10 Second
FEDORA-EPEL-2023-6b5f919719
Packages in this update:
tor-0.4.8.9-1.el8
Update description:
update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-9/10155
tor-0.4.8.9-1.el9
Read Time:10 Second
FEDORA-EPEL-2023-becba09145
Packages in this update:
tor-0.4.8.9-1.el9
Update description:
update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-9/10155
tor-0.4.8.9-1.fc37
Read Time:10 Second
FEDORA-2023-f73b2bc240
Packages in this update:
tor-0.4.8.9-1.fc37
Update description:
update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-9/10155
tor-0.4.8.9-1.fc38
Read Time:10 Second
FEDORA-2023-29cafcbf4a
Packages in this update:
tor-0.4.8.9-1.fc38
Update description:
update to latest upstream release https://forum.torproject.org/t/security-release-0-4-8-9/10155
USN-6465-3: Linux kernel (GKE) vulnerabilities
Read Time:25 Second
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)
Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)
USN-6462-2: Linux kernel (IoT) vulnerabilities
Read Time:53 Second
Seth Jenkins discovered that the Linux kernel did not properly perform
address randomization for a per-cpu memory management structure. A local
attacker could use this to expose sensitive information (kernel memory) or
in conjunction with another kernel vulnerability. (CVE-2023-0597)
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in
the Linux kernel contained a race condition, leading to a null pointer
dereference vulnerability. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-31083)
Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a null pointer dereference vulnerability in some
situations. A local privileged attacker could use this to cause a denial of
service (system crash). (CVE-2023-3772)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)