USN-6625-1: Linux kernel vulnerabilities

Read Time:51 Second

Marek Marczykowski-Górecki discovered that the Xen event channel
infrastructure implementation in the Linux kernel contained a race
condition. An attacker in a guest VM could possibly use this to cause a
denial of service (paravirtualized device unavailability). (CVE-2023-34324)

Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)

It was discovered that a race condition existed in the Linux kernel when
performing operations with kernel objects, leading to an out-of-bounds
write. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-45863)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

Arguing Against CALEA

Boards Urged to Follow New Cyber Code of Practice

Russian bots hard at work spreading political unrest on Romania’s internet

Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

Smishing Triad Fuels Surge in Toll Payment Scams in US, UK

Darknet’s Xanthorox AI Offers Customizable Tools for Hackers

King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors

USN-6625-1: Linux kernel vulnerabilities

trunk-0.21.13-1.fc42

USN-7424-1: Expat vulnerability

mod_auth_openidc-2.4.16.11-1.fc41

mod_auth_openidc-2.4.16.11-1.fc40

USN-7423-1: GNU binutils vulnerabilities

USN-7406-6: Linux kernel (NVIDIA Tegra IGX) vulnerabilities