Read Time:6 Second
Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for October 2023.
Yearly Archives: 2023
mbedtls-2.28.5-1.el9
Read Time:17 Second
FEDORA-EPEL-2023-61870984c8
Packages in this update:
mbedtls-2.28.5-1.el9
Update description:
Update to 2.28.5
CVE-2023-43615
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
Security Advisory: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/
mbedtls-2.28.5-1.el8
Read Time:17 Second
FEDORA-EPEL-2023-18e8d4f55b
Packages in this update:
mbedtls-2.28.5-1.el8
Update description:
Update to 2.28.5
CVE-2023-43615
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
Security Advisory: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/
mbedtls-2.28.5-1.fc39
Read Time:16 Second
FEDORA-2023-0352951853
Packages in this update:
mbedtls-2.28.5-1.fc39
Update description:
Update to 2.28.5
CVE-2023-43615
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
Security Advisory: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/
mbedtls-2.28.5-1.fc38
Read Time:16 Second
FEDORA-2023-5c6521d81d
Packages in this update:
mbedtls-2.28.5-1.fc38
Update description:
Update to 2.28.5
CVE-2023-43615
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
Security Advisory: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/
mbedtls-2.28.5-1.fc37
Read Time:16 Second
FEDORA-2023-e0ab860391
Packages in this update:
mbedtls-2.28.5-1.fc37
Update description:
Update to 2.28.5
CVE-2023-43615
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
Security Advisory: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/
LSN-0098-1: Kernel Live Patch Security Notice
Read Time:2 Minute, 21 Second
It was discovered that the IP-VLAN network driver for the Linux kernel did
not properly initialize memory in some situations, leading to an out-of-
bounds write vulnerability. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.(CVE-2023-3090)
It was discovered that the virtual terminal driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly expose sensitive
information (kernel memory).(CVE-2023-3567)
It was discovered that the universal 32bit network packet classifier
implementation in the Linux kernel did not properly perform reference
counting in some situations, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.(CVE-2023-3609)
It was discovered that the network packet classifier with
netfilter/firewall marks implementation in the Linux kernel did not
properly handle reference counting, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.(CVE-2023-3776)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle table rules flush in certain circumstances. A local
attacker could possibly use this to cause a denial of service (system
crash) or execute arbitrary code.(CVE-2023-3777)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle rule additions to bound chains in certain
circumstances. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code.(CVE-2023-3995)
It was discovered that the netfilter subsystem in the Linux kernel did not
properly handle PIPAPO element removal, leading to a use-after-free
vulnerability. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code.(CVE-2023-4004)
It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code.(CVE-2023-4128)
Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-21400)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.(CVE-2023-40283)
Half of CISOs Now Report to CEO as Influence Grows
CVE-2022-30527
Read Time:13 Second
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries.
This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
Model Extraction Attack on Neural Networks
Read Time:1 Minute, 18 Second
Adi Shamir et al. have a new model extraction attack on neural networks:
Polynomial Time Cryptanalytic Extraction of Neural Network Models
Abstract: Billions of dollars and countless GPU hours are currently spent on training Deep Neural Networks (DNNs) for a variety of tasks. Thus, it is essential to determine the difficulty of extracting all the parameters of such neural networks when given access to their black-box implementations. Many versions of this problem have been studied over the last 30 years, and the best current attack on ReLU-based deep neural networks was presented at Crypto’20 by Carlini, Jagielski, and Mironov. It resembles a differential chosen plaintext attack on a cryptosystem, which has a secret key embedded in its black-box implementation and requires a polynomial number of queries but an exponential amount of time (as a function of the number of neurons).
In this paper, we improve this attack by developing several new techniques that enable us to extract with arbitrarily high precision all the real-valued parameters of a ReLU-based DNN using a polynomial number of queries and a polynomial amount of time. We demonstrate its practical efficiency by applying it to a full-sized neural network for classifying the CIFAR10 dataset, which has 3072 inputs, 8 hidden layers with 256 neurons each, and about 1.2 million neuronal parameters. An attack following the approach by Carlini et al. requires an exhaustive search over 2256 possibilities. Our attack replaces this with our new techniques, which require only 30 minutes on a 256-core computer.