A flaw was found in the Linux kernel’s implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.
More Stories
USN-6743-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359)
What is the Attack? Cisco issued an advisory on 24th April, regarding its Adaptive Security Appliances, multifunctional devices combining firewall,...
USN-6657-2: Dnsmasq vulnerabilities
USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS....
Defense in depth — the Microsoft way (part 87): shipping more rotten software to billions of unsuspecting customers
Posted by Stefan Kanthak on Apr 24 Hi @ll, this post is a continuation of <https://seclists.org/fulldisclosure/2023/Oct/17> and <https://seclists.org/fulldisclosure/2021/Oct/17> With the...
Response to CVE-2023-26756 – Revive Adserver
Posted by Matteo Beccati on Apr 24 CVE-2023-26756 has been recently filed against the Revive Adserver project. The action was...
USN-6749-1: FreeRDP vulnerabilities
It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious...