Open Source Security mailing list Profile
Open Source Security mailing list

@oss_security

Followers
4,045
Following
11
Media
0
Statuses
22,597

@Openwall oss-security mailing list thread summaries, currently maintained by @solardiz. Originally set up and maintained as an automated feed by @eugeneteo.

Joined August 2009
@oss_security
Open Source Security mailing list
7 months
Backdoor in upstream xz/liblzma leading to ssh server compromise
7
303
498
@oss_security
Open Source Security mailing list
2 years
Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136): Posted by Qualys Security Advisory on Feb 13: Hi all, Quick update: we were able to gain arbitrary control of the "rip" register through this bug (i.e., we can jump wherever we want…
2
66
256
@oss_security
Open Source Security mailing list
6 months
CVE-2024-31497: PuTTY: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces. Affected Products: PuTTY 0.68 - 0.80; FileZilla 3.24.1 - 3.66.5; WinSCP 5.9.5 - 6.3.2; TortoiseGit 2.4.0.2 - 2.15.0; TortoiseSVN 1.10.0 - 1.14.6
1
50
124
@oss_security
Open Source Security mailing list
6 years
CVE-2018-6954: systemd-tmpfiles root privilege escalation by following non-terminal symlinks: Posted by Michael Orlitzky on Dec 21: Product: systemd (tmpfiles) Versions-affected: 239 and earlier Author: Michael Orlitzky Fixed-in: v240 Bug-report:…
2
56
93
@oss_security
Open Source Security mailing list
3 years
zlib memory corruption on deflate (i.e. compress): Posted by Tavis Ormandy on Mar 23: Greetings list, I was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not…
1
17
92
@oss_security
Open Source Security mailing list
2 years
CVE-2022-1972: out-of-bound write in Linux netfilter subsystem leads to local privilege escalation: Posted by 张子明(明程) on Jun 02: Hello, An out-of-bound write vulnerability was identified within the netfilter subsystem which can be exploited to…
0
22
77
@oss_security
Open Source Security mailing list
7 years
OpenVPN CVE-2017-12166: remote buffer overflow: Posted by Guido Vranken on Sep 28: This concerns a remote buffer…
0
67
60
@oss_security
Open Source Security mailing list
2 years
Re: Linux Kernel eBPF Improper Input Validation Vulnerability: Posted by tr3e wang on Jun 07: Hi, The exploit code can be found at Alexander, thanks for the update and for helping me post the exploit code, I suffered from…
0
23
53
@oss_security
Open Source Security mailing list
6 months
CVE-2024-0582: Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy
@foolisses
ulisses
7 months
Just published a post on exploiting CVE-2024-0582, a vulnerability in the Linux kernel that remained unpatched in Ubuntu for over two months. Hope you enjoy it!
1
96
243
0
16
48
@oss_security
Open Source Security mailing list
3 years
Linux Kernel: Race Condition in snd_pcm_hw_free leading to use-after-free: Posted by Hu Jiahui on Mar 28: This is the original report about CVE-2022-1048. Patch: () suse de/ #t ---------- Forwarded message --------- From:…
0
9
45
@oss_security
Open Source Security mailing list
2 years
CVE-2022-1462: Linux kernel: A race condition vulnerability in drivers/tty/tty_buffers.c: Posted by 一只狗 on May 27: This vulnerability comes from commit ( ); this commit suggests doing tty_flip_buffer_push without port->lock in…
0
20
44
@oss_security
Open Source Security mailing list
1 year
Re: Our learnings from 42 Linux kernel exploits, we are limiting io_uring: Posted by Marcus Meissner on Jul 25: Hi, has been updated with exploit information. I tried to backtrack through kernel git to find the exact commit…
0
9
44
@oss_security
Open Source Security mailing list
2 years
Linux Kernel use-after-free write in netfilter: Posted by EDG EDG on May 31: Hello, A use-after-free write vulnerability was identified within the netfilter subsystem which can be exploited to achieve privilege escalation to root. In order to…
0
19
46
@oss_security
Open Source Security mailing list
2 years
Re: Linux kernel: Netfilter heap buffer overflow in nft_set_elem_init: Posted by Marcus Meissner on Jul 04: Hi, Mitre has assigned CVE-2022-34918 to this issue. Ciao, Marcus
0
17
44
@oss_security
Open Source Security mailing list
10 months
Mayhem: Targeted Corruption of Register and Stack Variables by @canertol et al. A novel application of Rowhammer. A mitigation is suggested. Susceptible are at least OpenSSH, OpenSSL, MySQL, sudo (CVE-2023-42465, patched in 1.9.15).
0
18
43
@oss_security
Open Source Security mailing list
1 year
CVE-2023-20593: A use-after-free in AMD Zen2 Processors: Posted by Tavis Ormandy on Jul 24: Hello, this is CVE-2023-20593, a use-after-free in AMD Zen2 processors. Yes, you read that right :) This includes at least the following products: - AMD…
2
15
38
@oss_security
Open Source Security mailing list
1 year
Our learnings from 42 Linux kernel exploits, we are limiting io_uring: Posted by Tamás Koczka on Jun 17: Hello everyone, We've posted the following article to the Google Security Blog which contains some of our learnings from 42 Linux kernel exploits…
0
9
38
@oss_security
Open Source Security mailing list
2 years
Re: Denial of service in GnuPG: Posted by Demi Marie Obenour on Jul 04: It has come to my attention that my original post caused at least two mail clients to hang. Sorry about that; I did not expect any mail client to eagerly parse the attachments. This…
1
10
39
@oss_security
Open Source Security mailing list
6 months
Update on the distro-backdoor-scanner effort. Unpacked and scanned: ~11k EndeavourOS/Arch packages, ~40k Debian packages, ~19k Gentoo packages, ~9k Rocky/RPM packages. So far no other backdoors like xz's found. Plans for more checks and scans. Help wanted.
@oss_security
Open Source Security mailing list
6 months
Search for other potential compromises by the xz backdoor actors: PGP keys and all packages in Gentoo, Debian, Rocky Linux. Detecting code injections in packages through debug infos.
0
2
8
0
17
33
@oss_security
Open Source Security mailing list
7 months
New reverse-engineering results shared by @FiloSottile: the hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system()
1
12
32
@oss_security
Open Source Security mailing list
2 years
Linux kernel: net: mctp: A Use-After-Free bug in mctp_sk_unhash in net/mctp/af_mctp.c: Posted by butt3rflyh4ck on Oct 22: Hi, there is a Use-After-Free bug in mctp_sk_unhash in net/mctp/af_mctp.c in the last Linux kernel upstream. An unprivileged the…
2
2
28
@oss_security
Open Source Security mailing list
1 year
[CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory: Posted by Piotr Krysiuk on May 08: An issue has been discovered in the Linux kernel…
0
7
27
@oss_security
Open Source Security mailing list
1 year
[CVE-2023-42753] Array Indexing error in Linux kernel: Posted by Kyle Zeng on Sep 22: Hi there, I recently found an array indexing vulnerability in the netfilter ipset subsystem in Linux, which I believe is exploitable in some systems because of its…
0
5
26
@oss_security
Open Source Security mailing list
7 years
Code Execution through a variety of Java (Un-)Marshallers: Posted by Moritz Bechler on May 22: Hi, (As per list policy I…
0
17
27
@oss_security
Open Source Security mailing list
4 years
CVE-2020-15859 QEMU: net: e1000e: use-after-free while sending packets: Posted by P J P on Jul 21: Hello, A use-after-free issue was found in the INTEL 82574 NIC (e1000e) emulator of QEMU. It could occur while sending packets if the guest user set the…
0
8
25
@oss_security
Open Source Security mailing list
9 months
Out-of-bounds read & write in the glibc's qsort(), @Qualys Security Advisory. For the algorithm lovers: Nontransitive comparison functions lead to out-of-bounds read & write in glibc's qsort().
1
14
24
@oss_security
Open Source Security mailing list
1 year
Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory: Posted by Piotr Krysiuk on May 15: Per the announcement above, we are publishing…
0
5
24
@oss_security
Open Source Security mailing list
2 years
Re: CVE-2019-18960: Firecracker v0.18.0 and v0.19.0 vsock buffer overflow: Posted by Solar Designer on Sep 11: Hi, FWIW, Valentina Palmiotti @chompie1337 and her colleagues at Grapl have recently looked into exploiting the below vulnerability, and…
2
5
23
@oss_security
Open Source Security mailing list
2 years
Linux kernel: UAF, null-ptr-deref and double-free vulnerabilities in nfcmrvl module: Posted by duoming on Jun 05: Hello there, There are double-free, use-after-free (write, read), null-ptr-deref vulnerabilities in drivers/nfc/nfcmrvl of Linux that allow…
0
4
22
@oss_security
Open Source Security mailing list
7 years
Privilege escalation with kill(-1, SIGKILL) in XNU kernel of macOS High Sierra: Posted by Shea Levy on Oct 11: Hello…
1
9
20
@oss_security
Open Source Security mailing list
3 years
Re: zgrep, xzgrep: arbitrary-file-write vulnerability: Posted by Levente Polyak on Apr 08: CVE-2022-1271 has been assigned to this issue. Cheers, Levente
0
7
19
@oss_security
Open Source Security mailing list
9 years
Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322): Hi, The journey into CVE-2014-9322 is not st... http://t.co/TeCHsYB9RF
0
12
21
@oss_security
Open Source Security mailing list
7 years
Linux kernel: memory corruptions in IPv4/IPv6 TCP/SCTP/DCCP sockets: Posted by Andrey Konovalov on May 30: A few CVEs…
1
20
20
@oss_security
Open Source Security mailing list
6 months
"On PHP [this glibc bug led] to amazing results: a new exploitation technique that affects the whole PHP ecosystem, and the compromission of several applications."
@cfreal_
Charles Fol
6 months
I'll be at @offensive_con to talk about the PHP engine!
4
11
126
2
6
19
@oss_security
Open Source Security mailing list
2 years
CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe: Posted by Tal Lossos on Jan 12: Hi all, # Description A NULL Pointer Dereference bug in nvmet_setup_auth (drivers/nvme/target/auth.c) can be triggered remotely to cause a DoS. Since the bug…
0
1
18
@oss_security
Open Source Security mailing list
6 years
Telegram uses SOCKS5 to share user/creds: Posted by Dhiraj Mishra on Sep 27: Telegram is supposedly a secure messaging application, but it uses SOCKS5 to transmit user credentials; neither traffic nor credentials are encrypted in the SOCKS5 protocol,…
0
13
19
@oss_security
Open Source Security mailing list
7 years
CVE-2017-7541: Linux kernel: Memory corruption due to a buffer overflow in brcmf_cfg80211_mgmt_tx(): Posted by…
0
14
17
@oss_security
Open Source Security mailing list
5 years
CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer: Posted by P J P on Sep 20: Hello, An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements Coalesced MMIO write operation. It operates on an MMIO ring…
0
8
19
@oss_security
Open Source Security mailing list
2 years
CVE-2022-2602 - Linux kernel io_uring UAF: Posted by Thadeu Lima de Souza Cascardo on Oct 18: A local privilege escalation vulnerability involving Unix socket Garbage Collection and io_uring was reported and fixed as: …
0
3
18
@oss_security
Open Source Security mailing list
4 years
Re: Linux kernel: Exploitable vulnerabilities in AF_VSOCK implementation: Posted by Alexander Popov on Apr 09: Hello! I published a detailed article about exploiting CVE-2021-26708 in AF_VSOCK implementation: In this article I…
0
10
18
@oss_security
Open Source Security mailing list
2 years
Re: Linux kernel: use-after-free in io_sqpoll_wait_sq: Posted by Xingyuan Mo on Dec 27: CVE-2022-47946 has been assigned to this issue. Regards, Xingyuan Mo
0
5
18
@oss_security
Open Source Security mailing list
2 years
Re: CVE-2022-2602 - Linux kernel io_uring UAF: Posted by Thadeu Lima de Souza Cascardo on Oct 27: Sorry about posting this late, but here it is. Cascardo. #define _GNU_SOURCE #include #include #include #include #include #include #include
2
4
16
@oss_security
Open Source Security mailing list
1 year
[CVE-2023-42756] Linux kernel race condition in netfilter: Posted by Kyle Zeng on Sep 27: Hi there, I recently found a race condition bug in the Linux kernel between IPSET_CMD_ADD and IPSET_CMD_SWAP in netfilter/ip_set, which can lead to the…
0
7
17
@oss_security
Open Source Security mailing list
9 months
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog(), @Qualys Security Advisory.
1
16
17
@oss_security
Open Source Security mailing list
7 months
Another suspicious commit in xz, a dot disabling Landlock sandboxing. Likely preparation to backdoor the Linux kernel. Statement by original upstream author. Change in libarchive reverted.
1
8
16
@oss_security
Open Source Security mailing list
11 months
After 15+ years of being a 100% volunteer effort, @Openwall's maintenance of oss-security and (linux-)distros is finally sponsored by @OpenSSF, a project of @LinuxFoundation. As part of the sponsored effort, we now have distros list statistics for 2023.
0
10
17
@oss_security
Open Source Security mailing list
6 months
glibc: Stack-based buffer overflow in nscd (0-day, no CVE yet). Initial upstream patches for this major issue and for related minor bugs still under review. The glibc security team will send a separate notification once official patches are ready.
1
4
17
@oss_security
Open Source Security mailing list
5 months
CVE-2024-26925: Linux: nf_tables: locking issue in the nf_tables_abort() function
@h3xr4bb1t
HexRabbit
6 months
Yay! Just found out that Linux finally assigned CVE-2024-26925 to my first kernelCTF submission!
2
17
84
1
3
17
@oss_security
Open Source Security mailing list
7 months
Elaborate analysis of the bash obfuscation part of the xz backdoor by @gynvael
@gynvael
Gynvael Coldwind
7 months
Some notes from analyzing the bash part obfuscation of the xz/liblzma part – link leads to the part I found most interesting – it was added in 5.6.1:
3
115
343
1
2
15
@oss_security
Open Source Security mailing list
2 years
CVE-2023-1032 - Linux kernel io_uring IORING_OP_SOCKET double free: Posted by Thadeu Lima de Souza Cascardo on Mar 13: A double-free vulnerability was found in the handling of IORING_OP_SOCKET operation with io_uring on the Linux kernel. It was fixed…
0
5
16
@oss_security
Open Source Security mailing list
6 months
Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config. "I've chosen the Linux kernel as the target for the attack, and I want to do it without changing either the kernel source code or any release tarballs."
0
7
16
@oss_security
Open Source Security mailing list
10 years
CVE-2014-1739: Kernel Infoleak vulnerability in media_enum_entities(): Hi, We found an infoleak vulnerability... http://t.co/BN4XPcxEUI
0
7
15
@oss_security
Open Source Security mailing list
1 year
Re: New Linux kernel NetFilter flaw gives attackers root privileges: Posted by Thadeu Lima de Souza Cascardo on May 10: If users don't need user namespaces, they can disable it on Ubuntu kernels as a mitigation by doing: sysctl -w…
0
5
15
@oss_security
Open Source Security mailing list
2 years
CVE-2022-2586 - Linux kernel nf_tables cross-table reference UAF: Posted by Thadeu Lima de Souza Cascardo on Aug 09: CVE-2022-2586 - Linux kernel nf_tables cross-table reference UAF. It was discovered that a nft object or expression could reference a nft…
0
3
13
@oss_security
Open Source Security mailing list
5 years
Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow: Posted by Tina Li on Oct 03: Hi Peter, We are trying to follow your steps to reproduce the attack. Our host is Ubuntu 18.04.2 LTS. Guest is…
0
10
13
@oss_security
Open Source Security mailing list
2 years
CVE-2022-2588 - Linux kernel cls_route UAF: Posted by Thadeu Lima de Souza Cascardo on Aug 09: CVE-2022-2588 - Linux kernel cls_route UAF. It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from…
1
5
13
@oss_security
Open Source Security mailing list
2 years
Re: CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation: Posted by Solar Designer on Jun 30: Hi all, I'm attaching Norbert's exploit (lpe.c) that was attached to his May 12 notification to linux-distros. We're now…
0
8
12
@oss_security
Open Source Security mailing list
2 years
CVE-2023-1281, CVE-2023-1829: Linux kernel: Vulnerabilities in the tcindex classifier: Posted by valis on Apr 11: Hi, I have recently discovered two security issues in the tcindex classifier (part of the network QoS subsystem of the Linux kernel): …
0
1
12
@oss_security
Open Source Security mailing list
7 months
Firefox 124.0.1 fixes two critical JavaScript engine vulnerabilities: CVE-2024-29943: Out-of-bounds access via Range Analysis bypass; CVE-2024-29944: Privileged JavaScript Execution via Event Handlers
@maxpl0it
maxpl0it
7 months
@_manfp's Firefox renderer bug is a beauty that takes advantage of an optimisation implemented just 3 months ago. Let's break it down!
5
101
424
0
9
13
@oss_security
Open Source Security mailing list
9 years
CVE request: libpng buffer overflow in png_set_PLTE: I request a CVE for a vulnerability in libpng, all versio...
0
13
13
@oss_security
Open Source Security mailing list
1 year
[CVE-2023-42755] Linux kernel wild pointer access: Posted by Kyle Zeng on Sep 25: Hi there, I recently found a bug in the rsvp traffic classifier in the Linux kernel. This classifier is already retired in the upstream but affects all stable releases.…
0
4
13
@oss_security
Open Source Security mailing list
1 year
CVE-2023-31248 - Linux kernel nf_tables UAF when using nft_chain_lookup_byid: Posted by Thadeu Lima de Souza Cascardo on Jul 05: It was discovered that it was possible to refer to a deleted nf_tables chain when using nft_chain_lookup_byid, leading to a…
1
1
13
@oss_security
Open Source Security mailing list
2 years
CVE-2021-33656: Linux kernel: When setting font with malicious data by ioctl cmd PIO_FONT, kernel will write memory out of bounds: Posted by Weigang (Jimmy) on Jul 19: Fix has been released in Linux kernel stable tree: .
0
3
13
@oss_security
Open Source Security mailing list
1 year
CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg: Posted by Lin Ma on Jul 02: Hello, We have found a concurrency use-after-free case in the Linux kernel, assigned CVE-2023-3439 by the Red Hat Team. Below are the details about this issue. …
0
2
13
@oss_security
Open Source Security mailing list
3 years
usbview polkit policy local root exploit (CVE-2022-23220): Posted by Matthias Gerstner on Jan 21: Hello list, this is to inform you about a local root exploit I found in usbview [1] release 2.1. This finding was embargoed for 7 days on the…
0
9
12
@oss_security
Open Source Security mailing list
9 years
Re: CVE-2015-1805 Linux kernel: pipe: iovec overrun leading to memory corruption: And that's not the end of t...
0
10
12
@oss_security
Open Source Security mailing list
7 years
RCE in Exim reported: Posted by Phil Pennock on Nov 24: In Post-Thanksgiving mail-catchup, I see that the Exim…
0
9
12
@oss_security
Open Source Security mailing list
7 years
Qualys Security Advisory - Buffer overflow in glibc's ld.so: Posted by Qualys Security Advisory on Dec 11: Qualys Security Advisory: Buffer overflow in glibc's ld.so. Contents…
0
14
12
@oss_security
Open Source Security mailing list
10 years
CVE-2014-4943: Linux privilege escalation in ppp over l2tp sockets: CVE-2014-4943 is a flaw in the Linux kerne... http://t.co/9FpWu5L9FP
0
18
12
@oss_security
Open Source Security mailing list
6 years
Linux kernel: CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem: Posted by Andrey Konovalov on Aug 02: Hi! Syzkaller/syzbot found a global-out-of-bounds bug in the timer subsystem of the Linux kernel [1], that is exploitable and can be…
0
5
11
@oss_security
Open Source Security mailing list
2 years
Re: CVE-2022-1972: out-of-bound write in Linux netfilter subsystem leads to local privilege escalation: Posted by Solar Designer on Aug 06: [...] Apparently, this vulnerability was also independently discovered by Arthur Mongodin during an internship…
0
3
11
@oss_security
Open Source Security mailing list
8 years
[SECURITY ADVISORY] curl: TLS certificate check bypass with mbedTLS/PolarSSL: TLS certificate check bypass wi...
0
11
11
@oss_security
Open Source Security mailing list
1 year
Linux kernel: off-by-one in fl_set_geneve_opt: Posted by Hangyu Hua on Jun 06: Hi guys, I found an off-by-one bug in the Linux kernel's Flower classifier (NET_CLS_FLOWER). It can cause denial-of-service and privilege escalation. # Details: static int…
0
5
11
@oss_security
Open Source Security mailing list
2 years
CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions: Posted by David Hildenbrand on Aug 08: Hi, I found a security issue (CVE-2022-2590) in the Linux kernel similar to Dirty COW (CVE-2016-5195), however, restricted to…
0
5
11
@oss_security
Open Source Security mailing list
8 years
Re: CVE-2016-7545 -- SELinux sandbox escape: Posted by Yves-Alexis Perez on Oct 25: Hi, it seems that firejail ...
0
6
11
@oss_security
Open Source Security mailing list
8 years
CVE-2016-7545 -- SELinux sandbox escape: Posted by up201407890 on Sep 25: Hi, When executing a program via the ...
0
12
10
@oss_security
Open Source Security mailing list
7 years
Xen Security Advisory 254 (CVE-2017-5753,CVE-2017-5715,CVE-2017-5754) - Information leak via side effects of speculative execution: Posted by Xen.org security team on Jan 03: Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254…
0
12
10
@oss_security
Open Source Security mailing list
1 year
[vs] CVE-2023-32324 heap buffer overflow in cupsd: Posted by Zdenek Dohnal on Jun 01: Hi all, there is currently an embargoed CVE-2023-32324 in the cups project: Summary: A heap buffer overflow vulnerability would allow a remote attacker to launch a DoS…
0
1
10
@oss_security
Open Source Security mailing list
5 years
Linux kernel: multiple vulnerabilities in the USB subsystem x3: Posted by Andrey Konovalov on Dec 03: Hi! More CVEs for bugs in Linux kernel USB drivers that can be triggered by an external malicious USB device. Found with syzkaller [1]. This time no…
0
10
10
@oss_security
Open Source Security mailing list
10 years
CVE-2014-3471 Qemu: hw: pci: use after free triggered via guest: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1... http://t.co/bkF46g1lIH
0
17
10
@oss_security
Open Source Security mailing list
2 years
Re: CVE-2023-0045: Linux Kernel: Bypassing Spectre-BTI User Space Mitigations: Posted by Rodrigo Branco on Feb 04: Here is the original write-up: I am already talking to Rafael from Google to get their version updated. The…
0
4
9
@oss_security
Open Source Security mailing list
2 years
Apache mod_dav off-by-one: Posted by Evgeny Legerov on Aug 09: Hi, How it happens that Apache process_if_header off-by-one, which has been mentioned in The Art of Software Security Assessment (page 420), still remains unpatched? What am I…
0
0
9
@oss_security
Open Source Security mailing list
6 years
CVE-2018-10853 kernel: kvm: guest userspace to guest kernel write: Posted by P J P on Sep 02: Hello, A flaw was found in the way Linux kernel KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege (CPL)…
0
10
9
@oss_security
Open Source Security mailing list
6 years
Intel hyper-threading security issues: Posted by Loganaden Velvindron on Jun 19: Hi all, OpenBSD has gone ahead and disabled Intel Hyper threading with a fairly detailed comment about the reasons behind: () openbsd org/msg99141.html…
0
6
9
@oss_security
Open Source Security mailing list
1 year
Linux kernel io_uring out-of-bounds access to physical memory: Posted by Tobias Holl on May 08: Hi all, a bug in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) allows out-of-bounds access to physical memory…
0
1
9
@oss_security
Open Source Security mailing list
11 months
SLAM: Spectre based on Linear Address Masking. A vulnerability in closed source CPUs which open source OSes may need to mitigate was disclosed today:
@vu5ec
VUSec
11 months
Disclosing #SLAM , aka how to combine Spectre and Intel LAM (& co.) to leak kernel memory on future CPUs (demo below). Thousands of exploitable "unmasked" (or pointer chasing) gadgets in the Linux kernel. Joint work by @MatheHertogh @SanWieb @c_giuffrida :
1
60
187
0
2
9
@oss_security
Open Source Security mailing list
9 years
CVE-2015-8088: Heap Overflow Vulnerability in the HIFI Driver of Huawei Smart Phone: Hello everyone, One month...
0
5
8
@oss_security
Open Source Security mailing list
6 months
@fr0gger_ Update on xz backdoor. OpenSSH: systemd notifications without libsystemd, attack surface reduction. libsystemd: load libraries on demand. Backdoor: interactive sessions, disassembler. OpenJS Foundation "Failed Credible Takeover Attempt".
@bl4sty
blasty
6 months
the xz sshd backdoor rabbithole goes quite a bit deeper. I was just able to trigger some harder to reach functionality of the backdoor. there's still more to explore.. 1/n
34
1K
5K
0
3
9
@oss_security
Open Source Security mailing list
1 year
CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters: Posted by Alan Coopersmith on Jul 27: I haven't seen this go by yet, so for those who haven't seen it: reports: CVE-2023-38633:…
0
4
9
@oss_security
Open Source Security mailing list
7 years
CVE-2017-14991 in the Linux Kernel: local infoleak via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0: Posted by…
0
8
8
@oss_security
Open Source Security mailing list
2 years
Re: Type Confusion in Linux Kernel: Posted by Kyle Zeng on Jan 10: Hi John, A crash report is attached to this email. I hope this helps evaluate the security implication of the bug. Best, Kyle Zeng …
0
2
9
@oss_security
Open Source Security mailing list
10 years
heap overflow in procmail: I noticed a heap overflow in procmail when parsing addresses with unbalanced quotes... http://t.co/fLTGGZSKEq
0
5
9
@oss_security
Open Source Security mailing list
6 months
CVE-2024-2961: glibc: ISO-2022-CN-EXT: Out-of-bound writes when writing escape sequence. iconv() in glibc 2.39 and older may overflow the output buffer by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set
1
3
9
@oss_security
Open Source Security mailing list
7 years
CVE request: remote heap overflow in linux networking stack: Posted by Jason A. Donenfeld on Apr 24: Hello,…
0
4
9
@oss_security
Open Source Security mailing list
1 year
CVE-2023-3338: Linux Kernel NULL Pointer Dereference in DECnet: Posted by Ornaghi Davide - Betrusted on Jun 24: Hi all, I'm reporting a Null Pointer Dereference vulnerability that I found while attempting to ping localhost by sending a Hello message…
0
0
9
@oss_security
Open Source Security mailing list
7 months
5 Linux kernel ksmbd vulnerabilities
1
1
9
@oss_security
Open Source Security mailing list
7 months
Strings the binary payload checks for. Ongoing further analysis of the payload. Scripted part of the backdoor illustrated by @fr0gger_. systemd upstream stance.
@fr0gger_
Thomas Roccia 🤘
7 months
🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)! I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis
102
3K
13K
1
3
9
@oss_security
Open Source Security mailing list
7 months
Explanation on how and why xz/liblzma is loaded into sshd on many Linux distros, and what we can do about that, and .o file samples from 5.6.0 and 5.6.1. Mirror with working commit links.
1
5
8
@oss_security
Open Source Security mailing list
1 year
CVE-2023-35001 - Linux kernel nf_tables nft_byteorder_eval OOB read/write: Posted by Thadeu Lima de Souza Cascardo on Jul 05: It was discovered that it was possible to cause an out-of-bounds read or write when processing an nft_byteorder expression. …
1
0
9
@oss_security
Open Source Security mailing list
2 years
CVE-2022-4543: KASLR Leakage Achievable even with KPTI through Prefetch Side-Channel: Posted by Will on Dec 16: I've discovered that KPTI has implementation issues, allowing any local attacker to easily, quickly, and reliably leak KASLR base via prefetch…
0
1
9