USN-7047-1: Knot Resolver vulnerabilities

Read Time:41 Second

Vladimír Čunát discovered that Knot Resolver incorrectly handled input
during DNSSEC validation. A remote attacker could possibly use this issue
to bypass certain validations. (CVE-2019-10190)

Vladimír Čunát discovered that Knot Resolver incorrectly handled input
during DNSSEC validation. A remote attacker could possibly use this issue
to downgrade DNSSEC-secure domains to a DNSSEC-insecure state, resulting
in a domain hijacking attack. (CVE-2019-10191)

Vladimír Čunát discovered that Knot Resolver incorrectly handled certain
DNS replies with many resource records. An attacker could possibly use
this issue to consume system resources, resulting in a denial of service.
(CVE-2019-19331)

Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Knot
Resolver incorrectly handled certain queries. A remote attacker could
use this issue to perform an amplification attack directed at a target.
(CVE-2020-12667)

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

LockBit Admins Tease a New Ransomware Version

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Ransomware Attackers Target Industries with Low Downtime Tolerance

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban

USN-7047-1: Knot Resolver vulnerabilities

CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205

USN-7179-1: Linux kernel vulnerabilities

USN-7173-2: Linux kernel vulnerabilities

swiftlint-0.57.1-1.fc42

USN-7166-3: Linux kernel (HWE) vulnerabilities

USN-7159-4: Linux kernel (IoT) vulnerabilities