USN-6386-2: Linux kernel (Raspberry Pi) vulnerabilities

Read Time:49 Second

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle L2CAP socket release, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-40283)

It was discovered that some network classifier implementations in the Linux
kernel contained use-after-free vulnerabilities. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-4128)

Lonial Con discovered that the netfilter subsystem in the Linux kernel
contained a memory leak when handling certain element flush operations. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2023-4569)

Compliance Now Biggest Cyber Challenge for UK Financial Services

Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI

Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities

LabHost Phishing Mastermind Sentenced to 8.5 Years

Closing the Gap: How to Build a Consistent Exposure and Vulnerability Management Workflow

Trump Revenge Tour Targets Cyber Leaders, Elections

Upcoming Speaking Engagements

Major WordPress Plugin Flaw Exploited in Under 4 Hours

Prodaft Offers “No Judgment” Deal to Buy Dark Web Accounts from Cybercrime Forum Users

USN-6386-2: Linux kernel (Raspberry Pi) vulnerabilities

cacti-1.2.30-1.el8 cacti-spine-1.2.30-1.el8

cacti-1.2.30-1.el9 cacti-spine-1.2.30-1.el9

USN-7437-1: CImg library vulnerabilities

mujs-1.0.9-2.el8

USN-7436-1: WebKitGTK vulnerabilities

USN-7435-1: Protocol Buffers vulnerability