USN-5311-2: containerd regression

Read Time:21 Second

USN-5311-1 released updates for contained. Unfortunately, a subsequent update
reverted the fix for this CVE by mistake. This update corrects the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that containerd allows attackers to gain access to read-
only copies of arbitrary files and directories on the host via a specially-
crafted image configuration. An attacker could possibly use this issue to
obtain sensitive information.

Windows CLFS Driver Elevation of Privilege

What is the Vulnerability?A zero-day vulnerability has recently been identified in the Common Log File System (CLFS) kernel driver. CLFS...

April 11, 2025

USN-7432-1: libsoup vulnerabilities

It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue...

April 10, 2025

chromium-135.0.7049.84-1.fc40

FEDORA-2025-4ad8f5e805 Packages in this update: chromium-135.0.7049.84-1.fc40 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el10_1

FEDORA-EPEL-2025-d2ac333cd9 Packages in this update: chromium-135.0.7049.84-1.el10_1 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el9

FEDORA-EPEL-2025-6930d627d4 Packages in this update: chromium-135.0.7049.84-1.el9 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.fc41

FEDORA-2025-20e35f4f9f Packages in this update: chromium-135.0.7049.84-1.fc41 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

SpyNote Malware Targets Android Users with Fake Google Play Pages

AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites

Operation Endgame Continues with Smokeloader Customer Arrests

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

USN-5311-2: containerd regression

Windows CLFS Driver Elevation of Privilege

USN-7432-1: libsoup vulnerabilities

chromium-135.0.7049.84-1.fc40

chromium-135.0.7049.84-1.el10_1

chromium-135.0.7049.84-1.el9

chromium-135.0.7049.84-1.fc41