Security
Headlines
HeadlinesLatestCVEs

Tag

#amd

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat#intel#amd#ibm#sap
CVE-2022-36368: IPFire 2.27 - Core Update 170 released - The IPFire Blog

Multiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script.

Debian Security Advisory 5257-2

Debian Linux Security Advisory 5257-2 - The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue.

Hardware Makers Standardize Server Chip Security With Caliptra

The new open source specification from Open Compute Project is backed by Google, Nvidia, Microsoft, and AMD.

Microsoft Secures Azure Enclaves With Hardware Guards

Microsoft highlighted emerging confidential computing offerings for Azure during its Ignite conference.

What is the Confidential Containers project?

Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies.

How to Perform a Free Ubuntu Vulnerability Scan with OpenSCAP and Canonical’s Official OVAL Content

Hello everyone! Five years ago I wrote a blogpost about OpenSCAP. But it was only about the SCAP Workbench GUI application and how to use it to detect security misconfigurations. Alternative video link (for Russia): https://vk.com/video-149273431_456239104 This time, I will install the OpenSCAP command line tool on Ubuntu and use it to check for vulnerabilities […]

Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules

The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and business of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys.

CVE-2022-40082: fix: fix path-traversal bug by ruokeqx · Pull Request #229 · cloudwego/hertz

Hertz v0.3.0 ws discovered to contain a path traversal vulnerability via the normalizePath function.

Microsoft Brings Zero Trust to Hardware in Windows 11

A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats.