Daily Archives: September 23, 2024

Advisories

USN-7028-1: Linux kernel vulnerabilities

Read Time:51 Second

It was discovered that the JFS file system contained an out-of-bounds read
vulnerability when printing xattr debug information. A local attacker could
use this to cause a denial of service (system crash).

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Greybus drivers;
– Modular ISDN driver;
– Multiple devices driver;
– Network drivers;
– SCSI drivers;
– VFIO drivers;
– F2FS file system;
– GFS2 file system;
– JFS file system;
– NILFS2 file system;
– Kernel debugger infrastructure;
– Bluetooth subsystem;
– IPv4 networking;
– L2TP protocol;
– Netfilter;
– RxRPC session sockets;
(CVE-2024-42154, CVE-2023-52527, CVE-2024-26733, CVE-2024-42160,
CVE-2021-47188, CVE-2024-38570, CVE-2024-26851, CVE-2024-26984,
CVE-2024-26677, CVE-2024-39480, CVE-2024-27398, CVE-2022-48791,
CVE-2024-42224, CVE-2024-38583, CVE-2024-40902, CVE-2023-52809,
CVE-2024-39495, CVE-2024-26651, CVE-2024-26880, CVE-2024-42228,
CVE-2024-27437, CVE-2022-48863)

Read More

Advisories

USN-7020-2: Linux kernel vulnerabilities

Read Time:18 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Network drivers;
– SCSI drivers;
– F2FS file system;
– BPF subsystem;
– IPv4 networking;
(CVE-2024-42160, CVE-2024-42159, CVE-2024-42154, CVE-2024-41009,
CVE-2024-42228, CVE-2024-42224)

Read More

News

Quantum Computing and Cybersecurity – Preparing for a New Age of Threats

Read Time:6 Minute, 10 Second

The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

Quantum computing is no longer just a distant technological breakthrough confined to research labs. It is quickly becoming a reality that will transform the digital landscape as we know it. Quantum computers utilize the principles of quantum mechanics to perform complex computations at unprecedented speeds. While this revolutionary computing power has the potential to solve problems that traditional computers cannot handle, it also poses a significant threat to modern cybersecurity practices.

Currently, most data encryption systems rely on algorithms that are effective against classical computers. However, quantum computers can break through these encryption methods with relative ease, leading to a new and unprecedented era of vulnerability. This makes quantum computing a double-edged sword—unlocking new possibilities while simultaneously disrupting the security foundations of the digital economy.

Many companies that store and transmit sensitive information, such as financial data, health records, or intellectual property, are particularly at risk. Even though quantum computers are not widely accessible yet, the data encrypted today could be harvested and decrypted in the future using quantum technology. This is why businesses must act now to prepare for the quantum future, ensuring they are not caught off guard when this technology becomes mainstream. Being proactive will safeguard data and strengthen cybersecurity systems against emerging threats.

Understanding Quantum Risks 

The advent of quantum computing introduces a series of unprecedented risks to the current landscape of cybersecurity. While traditional cryptographic algorithms such as RSA and elliptic curve cryptography (ECC) have long been trusted to protect sensitive data, they are now under threat from quantum computers’ immense processing power. Quantum computing can break the mathematical problems that these encryption methods rely on, making them obsolete.

One of the most concerning threats is the possibility of “harvest now, decrypt later” attacks. In these scenarios, malicious actors collect encrypted data now, anticipating that quantum computers will soon have the power to decrypt it. This is particularly dangerous for organizations dealing with highly sensitive, long-lived data. While this data may be safe from current threats, it is vulnerable to future decryption, potentially exposing private information once quantum technology becomes more accessible. This threat, combined with existing vulnerabilities from insider threats, underscores the urgent need for organizations to reassess their cybersecurity measures.

In addition to this future risk, some cybersecurity protocols are already at heightened risk due to quantum advancements. Public key infrastructure (PKI), which underpins many aspects of digital security, including secure web browsing, email encryption, and VPNs, is one example of a system vulnerable to quantum attacks. Algorithms like RSA and ECC are heavily used in these security measures, but their reliance on factorization or discrete logarithms makes them susceptible to quantum decryption, emphasizing the importance of insider threat monitoring.

As a result, encryption methods that have been reliable for decades are becoming increasingly fragile in the face of quantum power. Companies that fail to acknowledge this evolving threat run the risk of having their data exposed or stolen, even years from now. The quantum threat is real, and it’s only a matter of time before cybercriminals fully harness this power to break today’s most secure encryption methods.

Preparing for a Quantum-Resilient Future

As the quantum era approaches, companies need to take proactive steps to protect their data and systems from the vulnerabilities exposed by quantum computing. Preparing for a quantum-resilient future involves adopting new cryptographic methods, enhancing security protocols, and building agility into the organization’s cybersecurity framework.

One of the most important steps in this preparation is the adoption of quantum-safe cryptography, also known as post-quantum cryptography. These cryptographic algorithms are designed to be secure against both classical and quantum attacks. Companies should begin exploring these new encryption methods now to ensure a smooth transition as standards are finalized. Methods like lattice-based cryptography and hash-based signatures are promising candidates that resist quantum attacks.

Another crucial aspect of preparation is crypto-agility, which is the ability to switch between different cryptographic algorithms and protocols as threats evolve. Implementing crypto-agility now will allow organizations to adapt swiftly as quantum-resistant algorithms are developed and tested. This strategy reduces the risk of being locked into outdated cryptographic systems that could be rendered insecure overnight by quantum advancements.

Companies should also consider assessing their current cybersecurity infrastructure for vulnerabilities to quantum attacks. This includes conducting a thorough audit of all systems that use public key encryption and evaluating how long critical data needs to remain secure. Industries handling long-lived sensitive data, including healthcare, government entities, and travel platforms storing extensive user information, should prioritize these updates to protect their customers’ information from future threats.

Building a roadmap for quantum resilience is another essential step. This roadmap should guide the organization from its current cryptographic ecosystem to a post-quantum one. It includes setting milestones for adopting quantum-resistant encryption, developing protocols for securely handling long-term data, and ensuring that key personnel are trained on the emerging quantum threat landscape. Businesses that start planning now will be better positioned to adapt when quantum computing becomes mainstream.

While many companies are preparing for the future, it’s also important to monitor regulatory developments in quantum cryptography. Governmental agencies such as NIST and the European Telecommunications Standards Institute (ETSI) are actively working on quantum-safe standards. Staying informed on these efforts ensures organizations remain compliant while protecting their systems from quantum threats. 

Incorporating these strategies into a comprehensive cybersecurity plan is the key to future-proofing your organization against quantum-enabled threats. By investing in quantum-safe cryptography, developing crypto-agility, and staying ahead of regulatory changes, organizations can secure their data and protect their operations against the coming quantum revolution.

Future-Proofing Cybersecurity in the Quantum Era 

As we stand on the brink of the quantum computing revolution, the need to future-proof cybersecurity has never been more critical. While quantum computing holds immense promise for technological advancements, it also threatens to disrupt the security frameworks that protect our most sensitive data. Organizations must take a proactive approach to ensure they are prepared for the quantum era, which means thinking ahead, embracing innovation, and continuously adapting to an ever-evolving threat landscape.

The road to quantum resilience will require ongoing vigilance. The development of quantum-safe cryptography, the ability to adapt quickly to new security standards, and close monitoring of regulatory changes will be key elements in staying one step ahead of quantum threats. Organizations that begin their preparations now will be better positioned to protect their data and maintain trust in the digital economy as quantum computing progresses.

The challenge may seem daunting, but it is also an opportunity to build stronger, more resilient cybersecurity frameworks. By committing to long-term planning and fostering a culture of security awareness, businesses can safeguard their future and ensure they are ready for whatever the quantum era may bring.

In a world where the stakes are high, investing in quantum-resistant technologies today will pay off tomorrow. The future belongs to those who not only recognize the challenges ahead but also take decisive action to meet them. As the quantum era unfolds, being prepared will make all the difference in protecting the digital landscape for years to come.

 

Read More

Advisories

USN-7007-2: Linux kernel vulnerabilities

Read Time:5 Minute, 10 Second

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel
did not properly check for the device to be enabled before writing. A local
attacker could possibly use this to cause a denial of service.
(CVE-2024-25741)

It was discovered that the JFS file system contained an out-of-bounds read
vulnerability when printing xattr debug information. A local attacker could
use this to cause a denial of service (system crash). (CVE-2024-40902)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– M68K architecture;
– MIPS architecture;
– PowerPC architecture;
– RISC-V architecture;
– x86 architecture;
– Block layer subsystem;
– Cryptographic API;
– Accessibility subsystem;
– ACPI drivers;
– Serial ATA and Parallel ATA drivers;
– Drivers core;
– Bluetooth drivers;
– Character device driver;
– CPU frequency scaling framework;
– Hardware crypto device drivers;
– Buffer Sharing and Synchronization framework;
– DMA engine subsystem;
– FPGA Framework;
– GPIO subsystem;
– GPU drivers;
– Greybus drivers;
– HID subsystem;
– HW tracing;
– I2C subsystem;
– IIO subsystem;
– InfiniBand drivers;
– Input Device (Mouse) drivers;
– Macintosh device drivers;
– Multiple devices driver;
– Media drivers;
– VMware VMCI Driver;
– Network drivers;
– Near Field Communication (NFC) drivers;
– NVME drivers;
– Pin controllers subsystem;
– PTP clock framework;
– S/390 drivers;
– SCSI drivers;
– SoundWire subsystem;
– Greybus lights staging drivers;
– Media staging drivers;
– Thermal drivers;
– TTY drivers;
– USB subsystem;
– DesignWare USB3 driver;
– Framebuffer layer;
– ACRN Hypervisor Service Module driver;
– eCrypt file system;
– File systems infrastructure;
– Ext4 file system;
– F2FS file system;
– JFFS2 file system;
– JFS file system;
– NILFS2 file system;
– NTFS3 file system;
– SMB network file system;
– IOMMU subsystem;
– Memory management;
– Netfilter;
– BPF subsystem;
– Kernel debugger infrastructure;
– DMA mapping infrastructure;
– IRQ subsystem;
– Tracing infrastructure;
– 9P file system network protocol;
– B.A.T.M.A.N. meshing protocol;
– CAN network layer;
– Ceph Core library;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– IUCV driver;
– MAC80211 subsystem;
– Multipath TCP;
– NET/ROM layer;
– NFC subsystem;
– Open vSwitch;
– Network traffic control;
– TIPC protocol;
– TLS protocol;
– Unix domain sockets;
– Wireless networking;
– XFRM subsystem;
– ALSA framework;
– SoC Audio for Freescale CPUs drivers;
– Kirkwood ASoC drivers;
(CVE-2024-42140, CVE-2024-38580, CVE-2024-38555, CVE-2024-38591,
CVE-2024-40942, CVE-2024-42130, CVE-2024-41095, CVE-2024-40994,
CVE-2024-39469, CVE-2024-38610, CVE-2024-42097, CVE-2024-42137,
CVE-2024-31076, CVE-2024-38552, CVE-2024-36489, CVE-2024-40983,
CVE-2024-40908, CVE-2024-39493, CVE-2024-40970, CVE-2024-40901,
CVE-2024-38567, CVE-2024-38599, CVE-2024-38605, CVE-2024-42119,
CVE-2024-38590, CVE-2024-38558, CVE-2023-52884, CVE-2024-41000,
CVE-2024-42101, CVE-2024-40943, CVE-2024-39507, CVE-2024-42115,
CVE-2024-40968, CVE-2024-42095, CVE-2024-41034, CVE-2024-38618,
CVE-2024-38633, CVE-2024-40904, CVE-2024-42070, CVE-2024-38583,
CVE-2024-39471, CVE-2024-38578, CVE-2024-38637, CVE-2024-40987,
CVE-2024-39506, CVE-2024-39482, CVE-2024-42124, CVE-2024-40981,
CVE-2024-35927, CVE-2022-48772, CVE-2024-38588, CVE-2023-52887,
CVE-2024-40941, CVE-2024-34027, CVE-2024-38627, CVE-2024-42106,
CVE-2024-40927, CVE-2024-38559, CVE-2024-39499, CVE-2024-39505,
CVE-2024-42120, CVE-2024-38615, CVE-2024-39467, CVE-2024-42232,
CVE-2024-38589, CVE-2024-38621, CVE-2024-41002, CVE-2024-40934,
CVE-2024-38582, CVE-2024-39480, CVE-2024-38571, CVE-2024-39301,
CVE-2024-38612, CVE-2024-39495, CVE-2024-39276, CVE-2024-42096,
CVE-2024-41041, CVE-2024-40912, CVE-2024-41089, CVE-2024-41093,
CVE-2024-40931, CVE-2024-42092, CVE-2024-41047, CVE-2024-40956,
CVE-2024-42229, CVE-2024-40914, CVE-2024-39490, CVE-2024-38548,
CVE-2024-41044, CVE-2024-40967, CVE-2024-38596, CVE-2024-40902,
CVE-2024-41055, CVE-2024-38601, CVE-2024-42153, CVE-2024-38623,
CVE-2024-35247, CVE-2024-38635, CVE-2024-38662, CVE-2024-42086,
CVE-2024-42102, CVE-2024-42154, CVE-2024-38587, CVE-2024-39466,
CVE-2024-40911, CVE-2024-39503, CVE-2024-42090, CVE-2024-42087,
CVE-2024-40929, CVE-2024-37078, CVE-2024-39489, CVE-2024-42244,
CVE-2024-40980, CVE-2024-38624, CVE-2024-42105, CVE-2024-36270,
CVE-2024-41092, CVE-2024-40937, CVE-2024-38780, CVE-2024-41035,
CVE-2024-42104, CVE-2024-40988, CVE-2024-36894, CVE-2024-42157,
CVE-2024-38613, CVE-2024-40916, CVE-2024-41040, CVE-2024-36032,
CVE-2024-40978, CVE-2024-38579, CVE-2024-38550, CVE-2024-41049,
CVE-2024-40959, CVE-2024-42131, CVE-2024-42161, CVE-2024-42247,
CVE-2024-37356, CVE-2024-40905, CVE-2024-42098, CVE-2024-40932,
CVE-2024-42236, CVE-2024-38565, CVE-2024-38661, CVE-2024-40963,
CVE-2024-42240, CVE-2024-40984, CVE-2024-39277, CVE-2024-38573,
CVE-2024-39509, CVE-2024-41006, CVE-2024-34777, CVE-2024-42152,
CVE-2024-40954, CVE-2024-39501, CVE-2024-42109, CVE-2024-42080,
CVE-2024-42225, CVE-2024-41007, CVE-2024-42077, CVE-2024-38634,
CVE-2024-40995, CVE-2024-42084, CVE-2024-40974, CVE-2024-38586,
CVE-2024-42224, CVE-2024-40960, CVE-2024-39500, CVE-2024-41004,
CVE-2024-42145, CVE-2024-38619, CVE-2024-36974, CVE-2024-39502,
CVE-2024-41097, CVE-2024-40958, CVE-2024-41027, CVE-2024-36972,
CVE-2024-36286, CVE-2024-40990, CVE-2024-42082, CVE-2024-40945,
CVE-2024-36014, CVE-2024-42068, CVE-2024-41087, CVE-2024-36978,
CVE-2024-42148, CVE-2024-40971, CVE-2024-38546, CVE-2024-39488,
CVE-2024-41048, CVE-2024-42121, CVE-2024-38381, CVE-2024-41046,
CVE-2024-36971, CVE-2024-42085, CVE-2024-39487, CVE-2024-33847,
CVE-2024-38607, CVE-2024-33621, CVE-2024-40957, CVE-2024-42127,
CVE-2024-38547, CVE-2024-36015, CVE-2024-38549, CVE-2024-38597,
CVE-2024-42093, CVE-2024-42089, CVE-2024-39468, CVE-2024-38560,
CVE-2024-42223, CVE-2024-38659, CVE-2024-38598, CVE-2024-40976,
CVE-2024-42094, CVE-2024-41005, CVE-2024-39475, CVE-2024-40961,
CVE-2024-42076)

Read More

Advisories

ZDI-24-1273: (0Day) FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-9112.

Read More

Advisories

ZDI-24-1274: (0Day) FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-9113.

Read More

Advisories

ZDI-24-1275: (0Day) FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-9114.

Read More