Category Archives: Advisories

LSN-0102-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the io_uring subsystem
in the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-1872)

Lonial Con discovered that the netfilter subsystem in the Linux kernel
contained a memory leak when handling certain element flush operations. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2023-4569)

It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to a
null pointer dereference vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-6176)

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2024-0646)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086)

Microsoft PlayReady deficiencies / content key sniffing on Windows

Posted by Security Explorations on Apr 02

Hello All,

It’s been 1.5 years since Microsoft got a notification about PlayReady issues
affecting Canal+ VOD service in Poland [1].

Per information received from Microsoft back then:
1) “to maintain the integrity of the PlayReady ecosystem, the company takes
reports such as (ours) very seriously” (Oct 7, 2022),
2) the STB manufacturer committed to mitigate the incident (Nov 18, 2022).

However, as of late Mar 2024, no change…
