Category Archives: Advisories

Re: over 2000 packages depend on abort()ing libgmp

Posted by Georgi Guninski on Oct 16

Observe that Ubuntu issued an advisory about the libgmp crash
without mentioning potential exploitability.

quote:
https://ubuntu.com/security/notices/USN-5672-1

Details
12 October 2022

It was discovered that GMP did not properly manage memory
on 32-bit platforms when processing a specially crafted
input. An attacker could possibly use this issue to cause
applications using GMP to crash, resulting in a denial of
service.

References
CVE-2021-43618

Apple Music Android Application – MITM SSL Certificate Vulnerability (CVE-2022-32906)

Posted by David Coomber on Oct 16

Apple Music Android Application – MITM SSL Certificate Vulnerability
(CVE-2022-32906)

https://www.info-sec.ca/advisories/Apple-Music-Android.html

Overview

“Stream over 90 million songs, all ad-free.”

(https://play.google.com/store/apps/details?id=com.apple.android.music)

Issue

The Apple Music Android application (versions 3.8.0 – 3.10.2 were
tested, versions 2.0.1 – 3.7.2 have not been tested
[…
