Category Archives: Advisories

USN-5295-1: Linux kernel (HWE) vulnerabilities

Read Time:1 Minute, 5 Second

It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)

Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)

Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)

Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in
the Linux kernel did not perform a GPU TLB flush in some situations. A
local attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2022-0330)

It was discovered that the VMware Virtual GPU driver in the Linux kernel
did not properly handle certain failure conditions, leading to a stale
entry in the file descriptor table. A local attacker could use this to
expose sensitive information or possibly gain administrative privileges.
(CVE-2022-22942)

Read More

SEC Consult SA-20220215 :: Multiple Critical Vulnerabilities in multiple Zyxel devices

Read Time:15 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 16

SEC Consult Vulnerability Lab Security Advisory < 20220215-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: Multiple Zyxel devices
vulnerable version: For affected products see “Solution” section
fixed version: see “Solution” section
CVE number: –
impact: Critical
homepage:…

Read More

Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder / Insecure Permissions

Read Time:20 Second

Posted by malvuln on Feb 16

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/fe0dacbc953d4301232b386fcb3afc23.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder
Vulnerability: Insecure Permissions
Description: ZeuS Builder saves PE files to the c drive with insecure
permissions granting change (C) permissions to the authenticated user
group. Standard users can…

Read More

Backdoor.Win32.Prosti.b / Insecure Permissions

Read Time:19 Second

Posted by malvuln on Feb 16

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/8201ba6b542fc91c004110b2fc5395aa.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Prosti.b
Vulnerability: Insecure Permissions
Description: The malware writes a “.dll” PE file with insecure permissions
under c drive granting change (C) permissions to the authenticated user
group. Standard users can…

Read More

Email-Worm.Win32.Lama / Insecure Permissions

Read Time:19 Second

Posted by malvuln on Feb 16

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/1c255ef6fd44877700867f94a59875d2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Email-Worm.Win32.Lama
Vulnerability: Insecure Permissions
Description: The malware writes a “.BAT” file with insecure permissions
under c drive granting change (C) permissions to the authenticated user
group. Standard users can rename…

Read More

Backdoor.Win32.Prorat.lkt / Weak Hardcoded Password

Read Time:19 Second

Posted by malvuln on Feb 16

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/65a53a37843db2b86a67a9e23277c1bf.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Prorat.lkt
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 2121. Authentication is
required, however the password “special” is weak and hardcoded in cleartext
at offset 0040267C.
Type:…

Read More