Category Archives: Advisories

USN-7076-1: Linux kernel (Azure) vulnerabilities

Read Time:15 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Microsoft Azure Network Adapter (MANA) driver;
– Watchdog drivers;
– Netfilter;
– Network traffic control;
(CVE-2024-27397, CVE-2024-45016, CVE-2024-45001, CVE-2024-38630)

Read More

USN-7059-2: OATH Toolkit vulnerability

Read Time:17 Second

USN-7059-1 fixed a vulnerability in OATH Toolkit library. This
update provides the corresponding update for Ubuntu 24.10.

Original advisory details:

Fabian Vogt discovered that OATH Toolkit incorrectly handled file
permissions. A remote attacker could possibly use this issue to
overwrite root owned files, leading to a privilege escalation attack.
(CVE-2024-47191)

Read More

USN-7073-2: Linux kernel (Azure) vulnerabilities

Read Time:14 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Watchdog drivers;
– Netfilter;
– Memory management;
– Network traffic control;
(CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960)

Read More

ZDI-24-1417: Schneider Electric EcoStruxure Data Center Expert Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability

Read Time:13 Second

The vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Data Center Expert. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-8531.

Read More