Red Hat Security Advisory 2024-1328-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.3 General Availability release images, which fix bugs and update container images. Issues addressed include denial of service and traversal vulnerabilities.
f6f85471c9a907c483cc77c26bf19a3950c25f78d7dd2e8e2bad198d0735c06b
Debian Linux Security Advisory 5640-1 - Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.
ee33fda52165e0797d00ba28edf1c0746142b6af8db3080011d86af844a64baa
Membership Management System version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.
bafbc2c7895ab97a3d57de482862b676a744678a894f6abb9103ae63f21b01a1
Ubuntu Security Notice 6587-5 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.
9f02a5fba82a37e9433c20a481152b829c57eaf4483d36e161436fe7547bf8f0
Apple Security Advisory 03-12-2024-1 - GarageBand 10.4.11 addresses code execution and use-after-free vulnerabilities.
cf1feda0632734f3eac97a03cb231aca57c5c2445e35cdacbbac27e26d43b080
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
bb37d3d885c05665df5e0348f90e65516bd9024d109db00efe75183960a1ab40
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
75dbd070cadb95c190fb2c3e720880078476efddd8b02e812bc1c594dfa6e86f
Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
6df43170bd5fc352fd321acd5fe231d753158fd667fcbe6941a1ccefd16eb11a
Apple Security Advisory 03-07-2024-4 - macOS Monterey 12.7.4 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.
6d34d98987ed9e7f5bc383bd22eb781faef984e2518dc2398e1701abcb1cdd3b
Red Hat Security Advisory 2024-1323-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include out of bounds write and use-after-free vulnerabilities.
9a06e0eca6d55f4737c53093f73634c651394734ef1e9e0d5c554986987a9199
Red Hat Security Advisory 2024-1306-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include memory exhaustion, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
918586fe8c14e3f2f628a7b762630d87f80c4a3f3463279d073ae350dd8596f4
Apple Security Advisory 03-07-2024-3 - macOS Ventura 13.6.5 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.
a73a9b93cfdd3db0327dd1d8307d169f4dba16169f4b090abd5020a3d9a70efe
Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.
29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5
Apple Security Advisory 03-07-2024-1 - Safari 17.4 addresses denial of service, data exfiltration, and missing authentication vulnerabilities.
5bc0c85ddeab13d91cebaf39fefae7e5434a1407a66d5df1287ec20e5148e936
Apple Security Advisory 03-05-2024-1 - iOS 17.4 and iPadOS 17.4 addresses bypass vulnerabilities.
cbc9275ed4bed87b1bfd7c0e5e76fb3237d40785b4580fdd1ac1b0c19e68baf4
Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc. In this paper, the authors present GhostRace, the first security analysis of these primitives on speculatively executed code paths. Their key finding is that all the common synchronization primitives can be microarchitecturally bypassed on speculative paths, turning all architecturally race-free critical regions into Speculative Race Conditions (SRCs).
e0d3a753ac273a430c317cd67e808c20b6cdd914b31b24e71450d5fb4ad420af
In this whitepaper, the authors introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI's ChatGPT or Google's PaLM-2. Specifically, their attack recovers the embedding projection layer (up to symmetries) of a transformer model, given typical API access. For under $20 USD, their attack extracts the entire projection matrix of OpenAI's ada and babbage language models. They thereby confirm, for the first time, that these black-box models have a hidden dimension of 1024 and 2048, respectively. They also recover the exact hidden dimension size of the gpt-3.5-turbo model, and estimate it would cost under $2,000 in queries to recover the entire projection matrix. They conclude with potential defenses and mitigations, and discuss the implications of possible future work that could extend this attack.
35bb26fb1fe58d91b595fbecc219b129076e6cc3ae746288dc27c6fa0d128e6a
Red Hat Security Advisory 2024-1278-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include out of bounds write and use-after-free vulnerabilities.
6b2284d02c2f3fc32bd487fd3f167763e2d294ff66de903a129316872db1929b
Ubuntu Security Notice 6656-2 - USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions.
f45b11c7e2648a6365c7c0c4a04b1f4fe6c6106dd3b6d76e794be3a2d298a00a
Red Hat Security Advisory 2024-1269-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
0dca2b95d83f2e06fcd70d43d60fe031ceb4425e7cba49254273efdce77b6b5f
Red Hat Security Advisory 2024-1268-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
a345f643b8091f2ef476dc55be42211ec4686a71622f968e79555da9a6b7b6f0
Red Hat Security Advisory 2024-1253-03 - An update for kpatch-patch-5_14_0-70_64_1, kpatch-patch-5_14_0-70_70_1, kpatch-patch-5_14_0-70_75_1, kpatch-patch-5_14_0-70_80_1, and kpatch-patch-5_14_0-70_85_1 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include privilege escalation and use-after-free vulnerabilities.
617ece46c41b05791b1be764d0835032147659b14ce52b66d5869faff9182db3
Red Hat Security Advisory 2024-1250-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include memory exhaustion, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
1a8fb1156681ea9fffde120cc80c4918fc32db13b323665272dc5e45827f8bb9
Red Hat Security Advisory 2024-1248-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
e8cee96a94ad07c9429b0bfe0fc3b41b26d6aecb31ef509f3a03f7021e1d0f40
Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.
a79ef3e7a5505aef83c8e1d9026a34f64acecaa9ccd3e41b225ac5500d8a96e7