Aggregator

三重情报，

各种问题已经持续一周时间了

A vulnerability classified as problematic was found in wasm3 139076a. This vulnerability affects unknown code. The manipulation leads to denial of service. This vulnerability was named CVE-2024-27527. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 6.11.6. Affected by this vulnerability is the function il_isr of the file net/mac80211/util.c of the component iwlegacy. The manipulation leads to excessive iteration. This vulnerability is known as CVE-2024-50234. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6. Affected by this issue is some unknown functionality of the component cfg80211. The manipulation leads to double free. This vulnerability is handled as CVE-2024-50235. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Artifex Ghostscript up to 10.03.x. This affects an unknown part of the file base/gsdevice.c of the component Filename Parser. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2024-46953. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manipulation of the argument pp leads to unrestricted upload. This vulnerability was named CVE-2024-11054. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 5.10.201/5.15.139/6.1.63/6.5.12/6.6.2. Affected by this vulnerability is the function ath11k_mac_get_ar_by_pdev_id of the component ath11k. The manipulation leads to use after free. This vulnerability is known as CVE-2023-52798. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Потомки викингов готовятся покорять Луну?

AMD 计划在其全球员工中裁员约 4%，即在其员工总数约 26000 人中裁员约 1000 人。AMD 表示，裁员并不意味着公司陷入财务困境，而是将资源重新集中到利润率更高的产品上，此举旨在加速其人工智能和数据中心战略，而不是更广泛的改革。AMD 发言人表示，“作为整合我们资源与最大成长机会的一部分，我们正在采取一系列有针对性的措施，不幸的是，这些措施将导致我们在全球裁员约4%。”AMD 没有披露具体要裁减哪些团队。

Федеральная служба создаст рейтинг уязвимых объектов.

A vulnerability was found in Linux Kernel up to 6.0.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component khugepaged. The manipulation leads to use after free. This vulnerability is known as CVE-2022-48991. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.82/6.0.12. Affected by this vulnerability is the function sja1105_init_l2_policing. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2022-48980. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in MySQL up to 5.1.25. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2010-3683. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

据The Hack News消息，与哈马斯存在关联的网络攻击者近期正专门针对以色列实体实施破坏性攻击。 Check Point 在一份分析中表示，该活动与一个名为 WIRTE 的组织有关，该组织最近至少进行了两波针对以色列的破坏性攻击。 WIRTE 是中东高级持续威胁 （APT） 的绰号，首先由西班牙网络安全公司 S2 Grupo 发现。该组织至少自 2018 年 8 月以来就一直活跃，主要针对该地区的广泛实体发动攻击，活动范围包括巴勒斯坦、约旦、伊拉克、沙特阿拉伯和埃及。 Check Point表示，该组织的活动在整个加沙战争期间一直存在，一方面，它的持续活动加强了与哈马斯的联系，另一方面又使这项活动的地理归属变得特别复杂。 WIRTE 在 2024 年的活动被发现利用中东的地缘政治紧张局势和战乱来制作恶意RAR文档，从而部署 Havoc 后期开发框架。 在 2024 年 9 月之前观察到的替代链利用类似的 RAR 文档部署 IronWind 下载器。这两种感染序列利用向受害者传播带有欺骗性的 PDF 文档，使用合法的可执行文件来侧载带有恶意软件的 DLL。 在 2024 年 10 月观察到针对医院和市政当局等多个以色列组织的网络钓鱼活动中，钓鱼电子邮件甚至显示从网络安全公司 ESET 在以色列的合作商发出，其中包含新创建的SameCoin Wiper 版本，该版本也曾在今年早些时候针对以色列的攻击中部署。 除了用随机字节覆盖文件外，最新版本的 SameCoin 擦除器还会修改受害者系统的背景，以显示带有哈马斯军事分支 Al-Qassam Brigades 名称的图像。SameCoin 是一种以安全更新为幌子分发的定制擦除器，于 2024 年 2 月被发现，被哈马斯附属的攻击者用来破坏 Windows 和 Android 设备。 据 HarfangLab 称，Windows 加载程序样本（“INCD-SecurityUpdate-FEB24.exe”）的时间戳被更改为 2023 年 10 月 7 日，即哈马斯对以色列发动突然攻势的日期。而初始访问媒介据信是一封冒充以色列国家网络局 （INCD） 的电子邮件。 “尽管中东冲突持续，但该组织坚持开展多项活动，展示了一个多功能工具包，其中包括用于间谍和破坏活动的擦除器、后门和网络钓鱼页面，”Check Point 在报告中总结道。       转自Freebuf，原文链接：https://www.freebuf.com/news/415238.html 封面来源于网络，如有侵权请联系删除

Red Hat announced Red Hat Enterprise Linux 9.5. Red Hat Enterprise Linux helps organizations deploy applications and workloads more quickly and with greater reliability, enabling them to lower costs and more effectively manage workloads across hybrid cloud deployments while mitigating IT risks, from the datacenter to public clouds to the edge. According to IDC, “Organizations continue to find themselves at odds with striking the balance between maintaining their Linux operating system environments and the workloads … More →

The post Red Hat Enterprise Linux 9.5 helps organizations simplify operations appeared first on Help Net Security.