Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Daily Archives: February 12, 2025
USN-7234-4: Linux kernel (AWS) vulnerabilities
Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– TTY drivers;
– Netfilter;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164)
USN-7235-3: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Netfilter;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-53164, CVE-2024-53103, CVE-2024-53141)
USN-7236-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Netfilter;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-53164, CVE-2024-53103, CVE-2024-53141)
USN-7238-4: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-53103, CVE-2024-53164)
openssl-3.2.4-1.fc41
FEDORA-2025-e0e44b1b98
Packages in this update:
openssl-3.2.4-1.fc41
Update description:
Rebase to 3.2.4, fix CVE-2024-12797
openssl-3.2.4-1.fc40
FEDORA-2025-becf280371
Packages in this update:
openssl-3.2.4-1.fc40
Update description:
Rebase to 3.2.4
CHERI Security Hardware Program Essential to UK Security, Says Government
NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring
Romance Scams Cost Americans $697.3M Last Year
Romance scams cost Americans $697.3m in 2024, with crypto fraud schemes on the rise
Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records
Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials