REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It will be held June 28th through the 30th, 2024, in Montreal, Canada.
682dca50c2c0835b200447e03653ce581b484302a66fa646092da85d05f86274Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
0a86a6496320d91576037b33101119af6fd8d5b91060cd316a3a9c229e9604aaSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
ea0742d7a98783f1af4a57661af6068bc2d850ac3eca04b3204d28ce165e35ffKiTTY versions 0.76.1.13 and below suffer from buffer overflows related to ANSI escape sequences. Two exploits are included as proof of concepts as well as a full documented breakdown of the issues.
1f71c297de8e15269afccee5fe50775bb9e2e1ea8407831ab9883313d3078f04KiTTY versions 0.76.1.13 and below suffer from a command injection vulnerability when getting a remote file through scp. It appears to leverage an ANSI escape sequence issue which is quite an interesting vector of attack.
9f28adde33c5791a14e7705f8844a344ce30e9443338e16ab264e1393fd4e9a8Ubuntu Security Notice 6626-1 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.
abb47a750300846b247f677ef4f175df1919ba753b831f8a512ec32984686bf4It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. Various other issues were discovered and addressed.
55bac94f220995e2504245406daa6739d0a8e896be555aa348a44bc0e7cc793aUbuntu Security Notice 6625-1 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.
f216969201e4323ce6545b98d9b1f08db39bd8c3f06097ee0d2bd0d95e8ad152Debian Linux Security Advisory 5617-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
fc899430ebda7fcd3a6599b53dfe6281119ed904cdfca2a5fa83b6eeff455142Ubuntu Security Notice 6624-1 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.
49de6bcbab59db57c8569fdb52fe4ace1e46659088c4f8553a5f53c1edba44e5Red Hat Security Advisory 2024-0733-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include an information leakage vulnerability.
4301b07bb66daa9946bd86b703da53703cd2aa1f73cce22018efee7abd5e089cRed Hat Security Advisory 2024-0729-03 - Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
a12e8426e9ba24b2cb539083e7ca8e043847a70e6e183c45b4ffd23a6af8e758Red Hat Security Advisory 2024-0725-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.
cb1f979f02a027b72d48a5af112972191c6111af2e53d98447b255e55813dd05Red Hat Security Advisory 2024-0724-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, privilege escalation, and use-after-free vulnerabilities.
5c463638a8edc5623216376f8dce92be65e11ef8ea1db023d0e820071520da83Red Hat Security Advisory 2024-0723-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.
63cdd7557b1dd7d58b09484123a8d4d884f013eaef148a252418667378704061Red Hat Security Advisory 2024-0720-03 - Migration Toolkit for Runtimes 1.2.4 release. Issues addressed include an XML injection vulnerability.
d0e7a5b290d889905d5dead2b481b4e1c243b771751e073a30e40bb67ee32007Red Hat Security Advisory 2024-0719-03 - Migration Toolkit for Runtimes 1.2.4 release. Issues addressed include a denial of service vulnerability.
f6f01a149420349f1ff0690c46076ed5472c59413b8d494bd6480a399382479cRed Hat Security Advisory 2024-0717-03 - An update for runc is now available for Red Hat Enterprise Linux 7 Extras.
0428a975f49aacfc5e0ca8ba2dbacb6e0dc866697fa82edeb06a12f840ab7b5fRed Hat Security Advisory 2024-0716-03 - An update for gimp is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.
d2420792003b76c49d2b5d5ec554aa31b53fbeed0b82f46675e58d8038688491Red Hat Security Advisory 2024-0695-03 - Logging 5.6.16 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
74f07508787f84105ad147f9d99eed265a1ae46522876bea704642f9c900dce0Red Hat Security Advisory 2024-0694-03 - Logging Subsystem 5.7.11 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
bc780341516006dfe22629ea1841ef212f6080baffde270be2824e8b3b52ab6eRed Hat Security Advisory 2024-0660-03 - Red Hat OpenShift Container Platform release 4.13.32 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
d1deb804d0bf3831445ba66f8c6e6712dacebbb5bbdee193372f7a42944ed6fbRed Hat Security Advisory 2024-0642-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
067c672d45f32da5faea03fc51d1c52b2b5db641ef22c66e5fb097dc8344f747Red Hat Security Advisory 2024-0641-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.
f65a82d6bfb3405225bcd60e381302fb4fed3d4e5a893e7aace0b5d7b521ee98The MediaTek WLAN driver has VFS read handlers that do not check buffer size leading to userland memory corruption.
e02f5b1f1d435ca3340b9ddef6433031cb241ad315800f041e8e425d3ac596dd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed