Multiple vulnerabilities have been discovered in the Xen hypervisor,
which could result in privilege escalation, denial of service or
information leaks.
Yearly Archives: 2023
netconsd-0.2-1.el8
FEDORA-EPEL-2023-347df5dde7
Packages in this update:
netconsd-0.2-1.el8
Update description:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
netconsd-0.2-1.el9
FEDORA-EPEL-2023-55df79c1ba
Packages in this update:
netconsd-0.2-1.el9
Update description:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
netconsd-0.2-1.fc36
FEDORA-2023-80b2470d3c
Packages in this update:
netconsd-0.2-1.fc36
Update description:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
netconsd-0.2-1.fc37
FEDORA-2023-88629e9585
Packages in this update:
netconsd-0.2-1.fc37
Update description:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
netconsd-0.2-1.fc38
FEDORA-2023-f25098f499
Packages in this update:
netconsd-0.2-1.fc38
Update description:
Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655
Friday Squid Blogging: Creating Batteries Out of Squid Cells
This is fascinating:
“When a squid ends up chipping what’s called its ring tooth, which is the nail underneath its tentacle, it needs to regrow that tooth very rapidly, otherwise it can’t claw its prey,” he explains.
This was intriguing news and it sparked an idea in Hopkins lab where he’d been trying to figure out how to store and transmit heat.
“It diffuses in all directions. There’s no way to capture the heat and move it the way that you would electricity. It’s just not a fundamental law of physics.”
[…]
The tiny brown batteries he mentions are about the size of a chiclet, and Hopkins says it will take a decade or more to create larger batteries that could have commercial value.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
CVE-2021-3684
A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the associated user.
CVE-2021-3674
A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object’s callback function.
A Hacker’s Mind News
My latest book continues to sell well. Its ranking hovers between 1,500 and 2,000 on Amazon. It’s been spied in airports.
Reviews are consistently good. I have been enjoying giving podcast interviews. It all feels pretty good right now.
You can order a signed book from me here.
For those of you in New York, I’m giving at book talk at the Ford Foundation on Thursday, April 6. Admission is free, but you have to register.