Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Google’s Authenticator App Now Lets You Sync 2FA Codes Across Devices

You can now sync sign-in codes across devices—but they aren’t end-to-end encrypted.

Wired
Open in Source
#ios#android#mac#apple#google#microsoft#auth
Red Hat Security Advisory 2023-1903-01

Red Hat Security Advisory 2023-1903-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.

Red Hat Security Advisory 2023-1978-01

Red Hat Security Advisory 2023-1978-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include a denial of service vulnerability.

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. "This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security,"

Zimperium Launches Unified Mobile Security Platform for Threat Detection, Visibility, and Response

Integrated platform enables enterprises to seamlessly execute their mobile-first security strategy.

CVE-2023-31083: BUG: general protection fault in hci_uart_tty_ioctl

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

CVE-2023-31085: Re: BUG: divide error in ubi_attach_mtd_dev

An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.

CVE-2023-31084: BUG: WARNING in dvb_frontend_get_event - Yu Hao

An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_interruptible would put the process to sleep, and down(&fepriv->sem) may block the process.

CVE-2023-31082: BUG: sleeping function called from invalid context in __might_resched

An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel.

CVE-2023-31081: BUG: general protection fault in vidtv_mux_stop_thread

An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_bridge.c in the Linux kernel 6.2. There is a NULL pointer dereference in vidtv_mux_stop_thread. In vidtv_stop_streaming, after dvb->mux=NULL occurs, it executes vidtv_mux_stop_thread(dvb->mux).