USN-6648-2: Linux kernel (Azure) vulnerabilities

Read Time:55 Second

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

Zhenghan Wang discovered that the generic ID allocator implementation in
the Linux kernel did not properly check for null bitmap when releasing IDs.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-6915)

Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)

Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)

Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate Users

Android Improves Its Security

SuperCard X Enables Contactless ATM Fraud in Real-Time

Billbug Espionage Group Deploys New Tools in Southeast Asia

New Cryptojacking Malware Targets Docker with Novel Mining Technique

The AI Fix #47: An AI is the best computer programmer in the world

Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

$40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos

USN-6648-2: Linux kernel (Azure) vulnerabilities

Erlang/OTP RCE (CVE-2025-32433)

digikam-8.6.0-4.fc40

digikam-8.6.0-4.fc41

digikam-8.6.0-4.fc42

epiphany-47.6-1.fc41

epiphany-48.2-1.fc42