USN-7161-1: Docker vulnerabilities

Read Time:27 Second

Yair Zak discovered that Docker could unexpectedly forward DNS requests
from internal networks in an unexpected manner. An attacker could possibly
use this issue to exfiltrate data by encoding information in DNS queries
to controlled nameservers. This issue was only addressed in
Ubuntu 24.04 LTS. (CVE-2024-29018)

Cory Snider discovered that Docker did not properly handle authorization
plugin request processing. An attacker could possibly use this issue to
bypass authorization controls by forwarding API requests without their
full body, leading to unauthorized actions. (CVE-2024-41110)

New Advances in the Understanding of Prime Numbers

US Government Issues Cloud Security Requirements for Federal Agencies

Phishing Attacks Double in 2024

New Attacks Exploit VSCode Extensions and npm Packages

It’s time to stop calling it “pig butchering”

How to Lose a Fortune with Just One Bad Click

Attacker Distributes DarkGate Using MS Teams Vishing Technique

Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

Meta Hit with Massive $263m GDPR Fine

USN-7161-1: Docker vulnerabilities

USN-7169-2: Linux kernel (GCP) vulnerabilities

age-1.2.1-1.fc41

USN-7172-1: libvpx vulnerability

USN-7176-1: GStreamer Good Plugins vulnerabilities

USN-7175-1: GStreamer Base Plugins vulnerabilities

USN-7174-1: GStreamer vulnerability