USN-6648-2: Linux kernel (Azure) vulnerabilities

Read Time:55 Second

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

Zhenghan Wang discovered that the generic ID allocator implementation in
the Linux kernel did not properly check for null bitmap when releasing IDs.
A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-6915)

Robert Morris discovered that the CIFS network file system implementation
in the Linux kernel did not properly validate certain server commands
fields, leading to an out-of-bounds read vulnerability. An attacker could
use this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2024-0565)

Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)

Squid Dominated the Oceans in the Late Cretaceous

Tradecraft in the Information Age

ISACA Addresses Experience Gap with CISA Associate Designation

Russian basketball player arrested in ransomware case despite being “useless with computers”

Paddy Power and BetFair have suffered a data breach

British Man Sentenced for Network Rail Wi-Fi Hack

Indian Cyber Espionage Group Targets Italian Government

Over Half of “Finfluencer” Victims Have Lost Money, Says TSB

MPs Warn of “Significant” Iranian Cyber-Threat to UK

USN-6648-2: Linux kernel (Azure) vulnerabilities

Next.js Middleware Auth.Bypass Vulnerability

httpd-2.4.64-1.fc42

httpd-2.4.64-1.fc41

USN-7608-6: Linux kernel (Xilinx ZynqMP) vulnerabilities

restic-0.18.0-1.fc43

SAP NetWeaver S/4HANA – ABAP Code Execution via Internal Function