Read Time:7 Second
A new report by Cato Networks found that exploiting old vulnerabilities in unpatched systems is one of threat actors’ favorite initial access vectors
Monthly Archives: May 2024
djvulibre-3.5.28-5.el8
Read Time:8 Second
FEDORA-EPEL-2024-f7310355bb
Packages in this update:
djvulibre-3.5.28-5.el8
Update description:
Security fix for CVE-2021-46310 and CVE-2021-46312.
djvulibre-3.5.28-4.el9
Read Time:8 Second
FEDORA-EPEL-2024-ff0fd23aa7
Packages in this update:
djvulibre-3.5.28-4.el9
Update description:
Security fix for CVE-2021-46310 and CVE-2021-46312.
djvulibre-3.5.28-6.fc38
Read Time:8 Second
FEDORA-2024-e8b9bedd36
Packages in this update:
djvulibre-3.5.28-6.fc38
Update description:
Security fix for CVE-2021-46310 and CVE-2021-46312.
djvulibre-3.5.28-9.fc40
Read Time:8 Second
FEDORA-2024-d20163632f
Packages in this update:
djvulibre-3.5.28-9.fc40
Update description:
Security fix for CVE-2021-46310 and CVE-2021-46312.
djvulibre-3.5.28-7.fc39
Read Time:8 Second
FEDORA-2024-891c09df97
Packages in this update:
djvulibre-3.5.28-7.fc39
Update description:
Security fix for CVE-2021-46310 and CVE-2021-46312.
New Attack on VPNs
Read Time:1 Minute, 6 Second
This attack has been feasible for over two decades:
Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering.
TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The researchers believe it affects all VPN applications when they’re connected to a hostile network and that there are no ways to prevent such attacks except when the user’s VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then.
[…]
The attack works by manipulating the DHCP server that allocates IP addresses to devices trying to connect to the local network. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel. By using option 121 to route VPN traffic through the DHCP server, the attack diverts the data to the DHCP server itself.
Ransomware Strikes Wichita, Services Disrupted
Read Time:5 Second
Online payment systems, such as those for water bills and court citations, are still offline
USN-6765-1: Linux kernel (OEM) vulnerabilities
Read Time:3 Minute, 33 Second
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly validate H2C PDU data, leading to a null pointer
dereference vulnerability. A remote attacker could use this to cause a
denial of service (system crash). (CVE-2023-6356, CVE-2023-6535,
CVE-2023-6536)
Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)
Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– PowerPC architecture;
– S390 architecture;
– Core kernel;
– x86 architecture;
– Block layer subsystem;
– Cryptographic API;
– Android drivers;
– Drivers core;
– Power management core;
– Bus devices;
– Hardware random number generator core;
– Device frequency;
– DMA engine subsystem;
– EDAC drivers;
– ARM SCMI message protocol;
– GPU drivers;
– IIO ADC drivers;
– InfiniBand drivers;
– IOMMU subsystem;
– Media drivers;
– Multifunction device drivers;
– MTD block device drivers;
– Network drivers;
– NVME drivers;
– PCI driver for MicroSemi Switchtec;
– x86 platform drivers;
– Power supply drivers;
– SCSI drivers;
– QCOM SoC drivers;
– SPMI drivers;
– Thermal drivers;
– TTY drivers;
– VFIO drivers;
– BTRFS file system;
– Ceph distributed file system;
– EFI Variable file system;
– EROFS file system;
– Ext4 file system;
– F2FS file system;
– GFS2 file system;
– JFS file system;
– Network file systems library;
– Network file system server daemon;
– Pstore file system;
– ReiserFS file system;
– SMB network file system;
– BPF subsystem;
– Memory management;
– TLS protocol;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– Netfilter;
– Network traffic control;
– SMC sockets;
– Sun RPC protocol;
– AppArmor security module;
(CVE-2023-52635, CVE-2024-26632, CVE-2023-52468, CVE-2023-52472,
CVE-2023-52589, CVE-2024-26671, CVE-2024-26640, CVE-2024-26631,
CVE-2023-52489, CVE-2023-52616, CVE-2023-52445, CVE-2023-52463,
CVE-2024-26610, CVE-2023-52497, CVE-2023-52453, CVE-2023-52470,
CVE-2024-26649, CVE-2023-52583, CVE-2024-26644, CVE-2023-52607,
CVE-2023-52587, CVE-2024-26594, CVE-2023-52618, CVE-2023-52495,
CVE-2023-52632, CVE-2024-26583, CVE-2023-52633, CVE-2023-52591,
CVE-2024-26633, CVE-2023-52627, CVE-2024-26670, CVE-2024-26598,
CVE-2024-26592, CVE-2023-52473, CVE-2023-52623, CVE-2023-52446,
CVE-2023-52443, CVE-2023-52451, CVE-2024-26629, CVE-2023-52462,
CVE-2024-26808, CVE-2023-52598, CVE-2023-52611, CVE-2023-52492,
CVE-2023-52456, CVE-2023-52626, CVE-2023-52455, CVE-2024-26641,
CVE-2023-52588, CVE-2023-52608, CVE-2024-26618, CVE-2024-26582,
CVE-2023-52609, CVE-2023-52604, CVE-2024-26646, CVE-2024-26634,
CVE-2023-52469, CVE-2023-52467, CVE-2023-52447, CVE-2024-26623,
CVE-2023-52621, CVE-2024-26647, CVE-2024-26615, CVE-2023-52450,
CVE-2023-52619, CVE-2023-52610, CVE-2023-52606, CVE-2023-52464,
CVE-2023-52465, CVE-2024-26638, CVE-2023-52498, CVE-2024-26625,
CVE-2023-52449, CVE-2023-52584, CVE-2023-52454, CVE-2023-52458,
CVE-2024-26585, CVE-2024-26669, CVE-2023-52493, CVE-2024-26645,
CVE-2024-26607, CVE-2023-52615, CVE-2023-52617, CVE-2024-26612,
CVE-2024-26668, CVE-2023-52594, CVE-2023-52612, CVE-2024-26584,
CVE-2024-26586, CVE-2024-26616, CVE-2024-26673, CVE-2023-52448,
CVE-2024-26620, CVE-2023-52614, CVE-2024-26636, CVE-2023-52602,
CVE-2023-52452, CVE-2023-52601, CVE-2024-26635, CVE-2024-26627,
CVE-2023-52488, CVE-2023-52487, CVE-2023-52597, CVE-2023-52494,
CVE-2023-52444, CVE-2024-26608, CVE-2023-52593, CVE-2023-52491,
CVE-2023-52595, CVE-2023-52599, CVE-2024-26595, CVE-2023-52622,
CVE-2024-26650, CVE-2024-26614, CVE-2023-52490, CVE-2023-52486,
CVE-2023-52457)
USN-6764-1: libde265 vulnerability
Read Time:13 Second
It was discovered that libde265 could be made to allocate memory that
exceeds the maximum supported size. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to cause a denial of service.