Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-01-22

Ubuntu Security Notice USN-3537-1
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3537-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-2562, CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
MD5 | 82a01701711c492abceea0ded68d6bff
Ubuntu Security Notice USN-3531-2
Posted Jan 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3531-2 - USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the microcode updates required for the corresponding Linux kernel updates. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | 0835473431422f7929814224db8f57ff
Red Hat Security Advisory 2018-0108-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0108-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | 7e67c203cf6902f99b670fcdc6aab157
Red Hat Security Advisory 2018-0104-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0104-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 44d80b85853eaaf52a7278d956489fc0
Red Hat Security Advisory 2018-0109-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0109-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | d3480406bf0e1471c52f660c73d3a882
Red Hat Security Advisory 2018-0110-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0110-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | af9365013b457b0f33c9009531594af1
Red Hat Security Advisory 2018-0111-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0111-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | c4005d7c6a0c8c98f564d9caf34160a9
Red Hat Security Advisory 2018-0112-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0112-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
MD5 | a797edb525ac72fadb3363f42c2172ec
Red Hat Security Advisory 2018-0103-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0103-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 495f82e396a6c8eb7173cb9829185682
Red Hat Security Advisory 2018-0105-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0105-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 743b5c0ecbadd413ac79dad208f6f9d8
Red Hat Security Advisory 2018-0107-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0107-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | 03e1e46e536d66d4e34b07faa5a53410
Red Hat Security Advisory 2018-0106-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0106-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory, kernel
systems | linux, redhat
MD5 | c0e658af210d7d0a57921331db00dadf
Red Hat Security Advisory 2018-0102-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0102-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3145
MD5 | 5e9d846eb04f6c251f16a5be25df86e4
Red Hat Security Advisory 2018-0101-01
Posted Jan 22, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0101-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3145
MD5 | 47430589af2d78dedbf18705f7cbdfb8
Debian Security Advisory 4093-1
Posted Jan 22, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4093-1 - Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft a HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victims host.

tags | advisory, arbitrary, protocol
systems | linux, debian
advisories | CVE-2018-5704
MD5 | 7ffcdc0b58babc7c2de9c03993a909d4
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    31 Files
  • 23
    May 23rd
    55 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close