Aggregator

ISC Stormcast For Wednesday, September 18th, 2024 https://isc.sans.edu/podcastdetail/9142

Als Russische drones in het luchtruim vliegen van bijvoorbeeld de Baltische staten, moet de NAVO die waar nodig kunnen neerhalen. Dat zei minister Ruben Brekelmans tijdens zijn bezoek aan de enhanced Forward Presence in Litouwen. Een overzicht van Defensieoperaties in de week van 11 tot en met 17 september 2024.

A vulnerability was found in tcpdump up to 4.8.x. It has been classified as critical. This affects the function frf15_print of the file print-fr.c of the component FRF.15 Parser. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2016-8574. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

抖音电商，想要治耐消品的「水土不服」。

Чтобы обмануть чат-бота, нужно мыслить, как чат-бот.

A vulnerability was found in Linux Kernel up to 6.10.9. It has been declared as problematic. This vulnerability affects the function MAX_RW_COUNT. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-46748. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9. It has been declared as problematic. This vulnerability affects the function MAX_RW_COUNT. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-46748. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9 and classified as problematic. Affected by this issue is the function cougar_report_fixup. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-46747. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9. It has been classified as critical. This affects the function netem_dequeue. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-46800. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.50/6.10.9 and classified as critical. Affected by this vulnerability is the function btnxpuart_flush of the component Bluetooth. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-46749. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9 and classified as problematic. Affected by this issue is the function cougar_report_fixup. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-46747. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.10.9. Affected is the function sys_rtas of the component Speculative Execution. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2024-46774. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.10.9. This issue affects the function of_irq_parse_raw. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-46743. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.10.9. This vulnerability affects the function pci_bus_lock of the file drivers/pci/pci.c. The manipulation leads to deadlock. This vulnerability was named CVE-2024-46750. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.10.9. This affects the function bpf_test_run. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2024-46754. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9. It has been rated as critical. Affected by this issue is the function get_stashed_dentry of the component libfs. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-46801. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.9. It has been declared as critical. Affected by this vulnerability is the function snd_pcm_suspend_all. The manipulation leads to use after free. This vulnerability is known as CVE-2024-46798. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.