Aggregator

Этот маршрутизатор переживёт любые атаки и эксперименты.

为防御方提供了宝贵情报

Red Hat announced Red Hat OpenShift 4.18, the latest version of the hybrid cloud application platform powered by Kubernetes. Red Hat OpenShift 4.18 introduces new features and capabilities designed to streamline operations and security across IT environments and deliver greater consistency to all applications, from cloud-native and AI-enabled to virtualized and traditional. According to the Gartner press release Top Trends Impacting Infrastructure and Operations for 2025, revirtualization/devirtualization is one of the top I&O trends for … More →

The post Red Hat OpenShift 4.18 enhances security across IT environments appeared first on Help Net Security.

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the Last
A proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the Last
A proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

The Cybersecurity Maturity Model Certification (CMMC) process is just around the corner and is expected by most to go into effect early next year. This is why defense tech companies need to act today to start their compliance journey.

The post It’s Time for Defense Tech Companies to Get Ahead of CMMC Before They Get Left Behind    appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.18.2. This affects the function devm_reset_control_get_exclusive of the component qcom-qmp. The manipulation leads to Privilege Escalation. This vulnerability is uniquely identified as CVE-2022-49396. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.18.3. Affected by this vulnerability is the function stub_probe. The manipulation leads to path traversal. This vulnerability is known as CVE-2022-49389. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.14/5.18.3. It has been declared as problematic. This vulnerability affects unknown code of the component watchdog: rzg2l_wdt. The manipulation of the argument timer_cycle_us leads to Privilege Escalation. This vulnerability was named CVE-2022-49387. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. It has been classified as problematic. This affects the function of_get_child_by_name/am65_cpsw_init_cpts/am65_cpsw_nuss_probe. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2022-49386. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.45/5.17.13/5.18.2 and classified as problematic. Affected by this vulnerability is the function io_acct_set. The manipulation leads to double free. This vulnerability is known as CVE-2022-49384. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.17.14/5.18.3. Affected is the function clk_prepare_enable of the component watchdog: rzg2l_wdt. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-49383. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.18.3. This issue affects the function of_node_put of the component rockchip_grf_init. The manipulation leads to improper update of reference count. The identification of this vulnerability is CVE-2022-49382. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. This vulnerability affects unknown code of the component sfc. The manipulation of the argument efx_separate_tx_channels=1 leads to improper initialization. This vulnerability was named CVE-2022-49378. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.46/5.17.14/5.18.3. This affects the function blk_mq_run_hw_queues of the component blk_mq_get_sq_hctx. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2022-49377. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. It has been rated as problematic. Affected by this issue is the function sd_probe. The manipulation of the argument sdkp->device leads to null pointer dereference. This vulnerability is handled as CVE-2022-49376. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.