PRESS RELEASE

ATLANTA, July 16, 2024 /PRNewswire/ -- Secureworks® (NASDAQ: SCWX), a global leader in cybersecurity, today announced the launch of Taegis™ ManagedXDR Plus, a new Managed Detection and Response (MDR) offering that liberates the mid-market from indistinct, cookie cutter security solutions that don't meet their unique security requirements. Today's announcement means that this market sector will no longer be forced to use homogenous cybersecurity solutions that don't align to unique environments or the AI-fueled attacks that target them. Taegis ManagedXDR Plus empowers companies with the tailored use cases, compliance reports, and alerting they need to tackle the rising tide of cyberattacks and regulations with limited budget and people.

Nearly one in three (30%) mid-market companies experienced at least one ransomware attack in 20231 highlighting the need for organizations to strengthen their cyber resiliency with a proactive approach, tailored to their environment. Taegis ManagedXDR Plus addresses the evolving needs of this market sector with greater customization and flexibility on alerting, workflows, and reports to address their specific environment, industry regulations, and risk profile. These personalized configurations are supported by expanded threat hunting and access to proactive services to further increase their vigilance against threats. Organizations can see more, detect better, and respond faster by leveraging Secureworks security operations expertise and threat intelligence to fortify their cyber resiliency and exposure management.

"Until today, the mid-market has had to make do with security solutions that do little to bolster their cyber posture. Yet as the economic driving force for countries around the world, the butterfly effect of a cyberattack on organizations in this sector can often be felt far and wide, testing the digital resilience of the wider global economy. It is imperative for our collective defense that organizations of all sizes have access to cybersecurity that improves their security posture within the reality of their budget," said Kyle Falkenhagen, Chief Product Officer, Secureworks. "The cost of building a SOC in-house quickly escalates when you consider the breadth and depth of expertise required for these advanced challenges, let alone the costs of hiring, training and retaining a robust staff for 24/7 coverage. Taegis ManagedXDR Plus enables mid-market customers to take full advantage of the Taegis platform and our in-house experts to up-level their security to an enterprise level without breaking their budget."

Delivered using the Secureworks Taegis XDR platform, Taegis ManagedXDR Plus expands upon the capabilities of Secureworks Taegis ManagedXDR solution in several areas:

*   Tailored AI Enriched Use Cases: Taegis ManagedXDR Plus customers can leverage customization options tailored to their specific needs.
    
*   Expanded Threat Hunting: This new tier quadruples the number of AI assisted threat hunts available as part of Taegis ManagedXDR, and allows for customized requests to more rapidly uncover emerging and undiscovered threat actors targeting their environments.
    
*   Premium Support with Named Experts: Customers can also tap into the knowledge of Secureworks experts to further optimize Taegis in their environment, including 1x1 guidance to help efficiently build their security posture over time.
    
*   Proactive Security Services: Customers can select from a range of proactive security services to further raise their resiliency, identify gaps in posture, and deepen Taegis knowledge.
    

Secureworks now offers three tiers within its Taegis ManagedXDR portfolio - Taegis ManagedXDR, Taegis ManagedXDR Plus and Taegis ManagedXDR Enhanced - delivering on the company's commitment to meet customers wherever they are on their security journey. Regardless of the tier, Taegis ManagedXDR customers enjoy transparent pricing in an inclusive model which includes direct access to security experts within 90 seconds, one year of log retention to assist in threat hunting and compliance needs, hundreds of integrations to unify their existing ecosystem, and more to provide mid-market customers peace of mind and predictability in their cybersecurity budget.

"In an increasingly sophisticated cybersecurity landscape, enterprises find it challenging to handle security operations by themselves. These organizations have distinct needs. Secureworks acknowledges this and provides increased flexibility with Taegis ManagedXDR Plus," said Lucas Ferreyra, cybersecurity industry analyst, Frost & Sullivan. "This new MDR service tier delivers additional capabilities that multiply the value of Secureworks MDR service, further enhancing prevention, detection and response, and showing why Secureworks is one of the leaders in the MDR space."

For more information, please visit the Taegis ManagedXDR Plus web page.

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world detection data, security operations expertise, and threat intelligence and research. Taegis is embedded in the security operations of thousands of organizations around the world who use its advanced, AI-driven capabilities to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Secureworks Elevates State of Cybersecurity for Mid-Market Customers With Managed Detection and Response Offering

PRESS RELEASE

NEW YORK, July 15, 2024 /PRNewswire/ -- BlueVoyant, an industry-leading cybersecurity company, today announced the launch of its innovative Cyber Defense Platform. The platform integrates internal, external, and supply chain defense solutions into a single, cloud-native platform designed to measure and strengthen cyber defense posture in a cost-effective manner.

The mission of security operations teams has expanded from protecting the organization's internal networks to also include external threats from supply chain vendors, the digital fraudsters, and the dark web. However, multiple point solutions introduce complexity in management and provide a fragmented view of cyber posture.

BlueVoyant's Cyber Defense Platform provides AI-powered, next-generation security operations across enterprises' entire attack surface. It processes data and alerts from internal networks, supply chains, and the clear, deep, and dark web. This all leads to improvements in scalability, productivity, and enterprises' cyber risk posture.

The platform offers a variety of products and services to strengthen and manage an organization's cyber defense, including:

1.  Detection & Response:  Bolster internal network defenses by utilizing Managed Extended Detection & Response (MXDR) across the entire security stack from endpoints and SIEM (security information and event management) to the cloud, with integrated Digital Forensics and Incident Response (DFIR) for added protection
    
2.  Supply Chain Defense: Manage and respond to risks from suppliers, vendors, and other third parties
    
3.  Digital Risk Protection: Detect and respond to external cyber risks, such as brand impersonation, phishing, stolen data, and more
    
4.  Proactive Defense: Proactive approach to attack surface management that includes vulnerability management, external attack surface management, penetration testing, phishing awareness, dark web threat research, and configuration management
    
5.  Cyber Posture Management: Continuously assess, manage, and improve your organization's security posture to reduce cyber risk by leveraging the guidance provided by the NIST Cyber Security Framework (CSF)
    

"The BlueVoyant Cyber Defense Platform is a leap forward in the cybersecurity landscape," said James Rosenthal, CEO and co-founder of BlueVoyant. "We understand the escalating demands that security operations teams face in detecting and responding to threats swiftly. Our platform harnesses the power of AI to respond to those challenges with next-generation security operations across the entire attack surface. The result is improved scalability, enhanced productivity, and a stronger cyber risk posture, all based on cutting-edge technology."        

BlueVoyant boasts more than 1,000 customers, and recently announced the acquisition of Conquest Cyber, a cyber defense company renowned for its innovative SaaS technology. In addition, Microsoft recently named BlueVoyant the prestigious 2024 Worldwide Security Partner of the Year, which recognizes that BlueVoyant is on the forefront of cybersecurity. The company is also a member of the Microsoft Copilot for Security Design Council.

BlueVoyant recently unveiled a new Security Operations (SOC) and Customer Experience Center in Leeds, England, which joins BlueVoyant's existing SOC in Hungary. An additional EU SOC will be opening in Ireland later in 2024. The company's SOCs complement existing global security operations centers and provide additional in-time-zone support for European clients. 

To learn more about the BlueVoyant Cyber Defense Platform, visit the BlueVoyant website.

About BlueVoyant  
BlueVoyant delivers a comprehensive cloud-native security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains, extending to the clear, deep, and dark web. The platform integrates advanced AI technology with expert human insight to offer extensive protection and swift threat mitigation, ensuring enterprise cybersecurity. Trusted by more than 1,000 clients globally, and the 2024 Microsoft Worldwide Security Partner of the Year, BlueVoyant sets the standard for modern cyber defense solutions.

BlueVoyant Unveils Edge Security Operations Platform

The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.

Source: Stephen Street via Alamy Stock Photo

Octo Tempest, a threat actor also known as Scattered Spider, has added RansomHub and Qilin to its repository for use in attacks, Microsoft's Threat Intelligence Team is warning.

The gang, which first arrived on the scene in 2022, is known for its social engineering techniques, which Microsoft describes as sophisticated, as well as identity compromises, targeting of VMware ESXi servers, and deployment of BlackCat ransomware. It was also infamously behind the massive ransomware attacks on Caesars Palace and MGM Entertainment last year.

Other tactics, techniques, and procedures (TTPs) the group is known to use include impersonating IT employees to deceive company staff into providing credentials or gaining persistence using remote access tools, as well as phishing, MFA bombing, and SIM swapping.

Qilin ransomware also surfaced in 2022 under a different name, "Agenda," but quickly rebranded. The group is known to have targeted and claimed more than 130 companies, demanding ransoms from as low as $25,000 and well into millions, and is developing a customizable Linux encryptor to target VMware ESXi servers, according to Microsoft. RansomHub, meanwhile, is a ransomware-as-a-service (RaaS) offering that is becoming increasingly favored by threat actors, "making it one of the most widespread ransomware families today," the tech giant said via X.

Octo Tempest accounts for a significant number of the investigations that the Microsoft team covers, it said, and has dominated incident response engagements it has received since first gaining attention through its "oktapus" campaign, which targeted over 130 well-known organizations.

Microsoft: Scattered Spider Widens Web With RansomHub &amp; Qilin

### Impact

The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`.

If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities.

### Patches

The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities.

### Workarounds

Don't parse untrusted XMLs.

### References

* https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh : This is a similar vulnerability
* https://www.ruby-lang.org/en/news/2024/07/16/dos-rexml-cve-2024-39908/

Skip to content

**Navigation Menu**

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   GitHub Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   Explore
    
    *   Learning Pathways
    *   White papers, Ebooks, Webinars
    *   Customer Stories
    *   Partners
    
*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   *   Enterprise platform
        
        AI-powered developer platform
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2024-39908

**REXML denial of service vulnerability**

Moderate severity GitHub Reviewed Published Jul 16, 2024 in ruby/rexml

**Package**

**Affected versions**

< 3.3.2

**Description**

Published to the GitHub Advisory Database

Jul 16, 2024

**Severity**

**CVSS base metrics**

User interaction

Required

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

**Weaknesses**

**GHSA ID**

GHSA-4xqq-m2hx-25v8

**Source code**

GHSA-4xqq-m2hx-25v8: REXML denial of service vulnerability

### Summary
Vulnerability scan of fiona shows [CVE-2023-45853](https://nvd.nist.gov/vuln/detail/CVE-2023-45853)

### Details
fiona depends on madler-zlib 1.3.  MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

### Impact
Unkown.  Please document if this vulnerability is exposed


Skip to content

**Navigation Menu**

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   GitHub Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   Explore
    
    *   Learning Pathways
    *   White papers, Ebooks, Webinars
    *   Customer Stories
    *   Partners
    
*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   *   Enterprise platform
        
        AI-powered developer platform
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  GHSA-q5fm-55c2-v6j9

**Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib**

Critical severity GitHub Reviewed Published Jul 15, 2024 in Toblerity/Fiona • Updated Jul 16, 2024

**Affected versions**

< 1.10b1

**Description**

**Summary**

Vulnerability scan of fiona shows CVE-2023-45853

**Details**

fiona depends on madler-zlib 1.3. MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4\_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

**Impact**

Unkown. Please document if this vulnerability is exposed

**References**

*   GHSA-q5fm-55c2-v6j9
*   https://nvd.nist.gov/vuln/detail/CVE-2023-45853
*   OSGeo/gdal@4aa7ca6
*   madler/zlib@73331a6

Published to the GitHub Advisory Database

Jul 16, 2024

Last updated

Jul 16, 2024

GHSA-q5fm-55c2-v6j9: Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib

### Summary
Vulnerability scan of fiona shows [CVE-2020-14152](https://nvd.nist.gov/vuln/detail/CVE-2020-14152)

### Details
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.

### Impact
Unkown. Please document if this vulnerability is exposed


**Fiona affected by CVE-2020-14152 related to madler-zlib**

High severity GitHub Reviewed Published Jul 15, 2024 in Toblerity/Fiona • Updated Jul 16, 2024

GHSA-g4m4-9q4c-mfw6: Fiona affected by CVE-2020-14152 related to madler-zlib

As attackers set their sights on infrastructure, security teams need to reduce risk levels without compromising operational agility.

Amir Hirsh, SVP & General Manager of OT Security, Tenable

July 16, 2024

4 Min Read

Source: ElenaBs via Alamy Stock Photo

COMMENTARY

Hackers affiliated with the Chinese government have reportedly maintained access to US critical infrastructure for years, several agencies warned in February. The revelation is, at least on the surface, a heel-turn for Chinese cyber behavior — moving from espionage to the potential compromise or destruction of infrastructure via operational technology (OT). This includes the programmable systems and devices connected to physical environments.

Last December, a supply chain-focused attack against ShipManager software from maritime advisory company DNV reportedly disrupted operations for dozens of its clients — affecting as many as 1,000 vessels. In November, the Cybersecurity and Infrastructure Security Agency warned of Iranian actors actively exploiting Unitronics equipment used in water and wastewater systems, prompting a later warning from the Environmental Protection Agency (EPA) and the White House. The EPA also warned in May that a whopping 70% of US water systems fail its cybersecurity standards.

Similar OT systems have been connected to the Internet to enable remote monitoring and control, but that convenience has opened up avenues for attackers. These systems were often built for reliability before widespread connectivity. They are often implemented with niche solutions and can be difficult to audit and protect.

OT attacks, along with IT attacks on infrastructure supporting these operational environments, can take down customers' supply chains, damage equipment, and result in costly production disruptions: According to a study by ITC, four in 10 enterprise organizations said one hour of downtime can cost from $1 million to over $5 million.

Keeping the lights on in these increasingly complex environments is no easy feat. OT needs even higher levels of protection than that afforded to IT, since a single OT breach can cascade across multiple systems. Here, I'll outline three key steps for defending these environments, which begins with understanding OT's cyber-physical impacts and complexities.

**1\. Eliminate Gaps Across Environments**

Convergence of security between IT and OT is accelerating, but the two cannot be completely independent workstreams. Managing OT security is not a "set it and forget it" or reactive process, and vulnerability management cannot be lax. An effective strategy meant to reduce OT risk and protect operational uptime requires full asset visibility, and oftentimes there is crossover with IT.

With greater visibility, defenders can gather accurate and continuous telemetry data. Acquiring it, however, will entail ongoing communication and collaboration with the IT teams who have traditionally overseen Internet-facing devices.

IT and OT defenders can establish cross-functional teams and carry out joint risk assessment exercises. This open line will generate a better understanding about how assets communicate with each other, which apps are running (and where), and how user privileges are configured. The visibility gives teams greater control over their organizational infrastructure and can inform critical decision-making processes.

**2\. Develop Comprehensive OT Playbooks**

Once assets are mapped and better understood, the next step is a standardization of security practices. Defenders should create or evolve OT security playbooks and consider a range of scenarios.

Plans should draw from the organization's existing knowledge base, outline step-by-step incident response protocols, and define reactive steps among all business units and executives — for instance, documenting which teams or partners must respond in the event of a sector-specific worst-case scenario, such as a critical pipeline being held for ransom.

OT defenders should also regularly monitor guidance disseminated by the National Institute of Standards and Technology (including the new governance pillar of the NIST CSF framework) and intelligence agencies, along with industry groups and vendors.

**3\. Implement Robust Controls**

With more systems coming online, the general widening of the OT attack surface necessitates powerful exposure management technology. In fact, this is a point my colleagues and I continue to raise in different forums, as threat actors, like China-backed entities, continue to shift their tactics.

Sophisticated advanced persistent threats (APTs), like China's Volt Typhoon, increasingly rely on living-off-the-land techniques — using legitimate, embedded services to carry out their crimes. This can cloak their network activity and make traditional indicators of compromise highly difficult to detect. This ultimately dilutes the impact of more traditional security technologies.

Defenders simply cannot overlook this threat. They must be able to contextualize data and resolve issues before they can be exploited, performing functions like high-speed asset discovery and malware detection.

**Moving Away From Reactive Policies**

Given the rise of ransomware attacks in OT environments — more than half of polled industrial firms confirming they've suffered a related incident — there is new urgency tied to this domain. In fact, these events have created space for security teams to advocate internally for more robust controls.

Luckily, as part of this effort, organizations are steadily moving away from the reactive policies that once guided OT and instead are looking more holistically at the intricate web of networks and devices across their operations.

By using these tips, security teams can effectively reduce risk levels without compromising operational agility. OT infrastructure demands time and attention, but greater security will help protect physical environments from the advances of prominent APTs.

**About the Author(s)**

SVP & General Manager of OT Security, Tenable

Amir Hirsh is a technological entrepreneur based in Israel with over 20 years of experience. He has been instrumental in the creation, growth and sale of numerous companies covering cyber, AI, and media.

Amir leads Tenable's platform, exposure management, and operational technology (OT) business units, driving continued product innovation and development to address both present and future market needs. He also oversees Tenable's go-to-market, marketing, and engineering teams. He is a creative thinker and an innovative tech and business leader with an execution-focused management style.

As a key leader at Tenable, Amir speaks regularly at various industry events and conferences, and his views on market trends and the technology innovation driving them have been covered in many media outlets.

Defending OT Requires Agility, Proactive Controls

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Where's a good tailwind when you need it? Come up with a clever cybersecurity-related caption to describe the scene above, and our favorite will win a $25 Amazon gift card.

Here are four convenient ways to submit your ideas before the Aug. 14, 2024, deadline:

*   Via social media: X, Facebook, and LinkedIn. (If you win, we'll respond to you on the same platform, requesting your email address.)
    

**Last Month's Winner**

Congratulations, Joe Ayella, whose caption for last month's contest, "Future Shock," rose above a creative collection of contenders to capture first place. Your gift card is on the way. As always, we appreciate everyone who took the time to participate.

**About the Author(s)**

John Klossner has been drawing technology cartoons for more than 15 years. His work regularly appears in Computerworld and Federal Computer Week. His illustrations and cartoons have also been published in The New Yorker, Barron's, and The Wall Street Journal.

Name That Toon: Near Miss

The ransomware is rudimentary with basic functionalities, likely having been created by an inexperienced developer — but it's effective at locking up files and sucking up memory capacity.

Source: imageBROKER.com GmbH & Co. KG via Alamy Stock Photo

A ransomware strain coined "ShadowRoot" has been found targeting Turkish businesses through phishing attacks.

The phishing emails contain a PDF attachment disguised as an invoice with embedded malicious links. Upon user interaction, this triggers a download of a RootDesign.exe file hosted on a compromised GitHub account.

The downloaded file is a Delphi binary and, according to researchers at Forcepoint who analyzed the exe, it drops further payloads: "C:\\TheDream\\RootDesign.exe," "C:\\TheDream\\Uninstall.exe” and “C:\\TheDream\\Uninstall.ini".

"We have observed recursive self-process creation by RootDesign.exe, which causes the files to get encrypted multiple times, resulting in higher memory consumption," the researchers said. "It also drops many copies of encrypted files on the root."

They add that the ransomware appears "rudimentary" and likely the work belonging to an inexperienced developer.

In addition to user awareness for defense, the researchers recommend blocking the following email addresses to prevent being targeted by the Shadowroot threat actors:

*   Kurumsal\[.\]tasilat\[@\]internet\[.\]ru
    
*   ran\_master\_som\[@\]proton\[.\]me
    
*   lasmuruk\[@\]mailfence\[.\]com
    

**About the Author(s)**

Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks

Debian Linux Security Advisory 5730-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5730-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 15, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2022-43945 CVE-2022-48772 CVE-2024-25741 CVE-2024-26629  
                 CVE-2024-27019 CVE-2024-31076 CVE-2024-33621 CVE-2024-33847  
                 CVE-2024-34027 CVE-2024-35247 CVE-2024-36014 CVE-2024-36015  
                 CVE-2024-36016 CVE-2024-36270 CVE-2024-36286 CVE-2024-36288  
                 CVE-2024-36489 CVE-2024-36894 CVE-2024-36971 CVE-2024-36974  
                 CVE-2024-36978 CVE-2024-37078 CVE-2024-37353 CVE-2024-37356  
                 CVE-2024-38381 CVE-2024-38546 CVE-2024-38547 CVE-2024-38548  
                 CVE-2024-38549 CVE-2024-38552 CVE-2024-38555 CVE-2024-38558  
                 CVE-2024-38559 CVE-2024-38560 CVE-2024-38565 CVE-2024-38567  
                 CVE-2024-38578 CVE-2024-38579 CVE-2024-38582 CVE-2024-38583  
                 CVE-2024-38586 CVE-2024-38587 CVE-2024-38589 CVE-2024-38590  
                 CVE-2024-38596 CVE-2024-38597 CVE-2024-38598 CVE-2024-38599  
                 CVE-2024-38601 CVE-2024-38605 CVE-2024-38607 CVE-2024-38612  
                 CVE-2024-38613 CVE-2024-38615 CVE-2024-38618 CVE-2024-38619  
                 CVE-2024-38621 CVE-2024-38627 CVE-2024-38633 CVE-2024-38634  
                 CVE-2024-38635 CVE-2024-38637 CVE-2024-38659 CVE-2024-38661  
                 CVE-2024-38662 CVE-2024-38780 CVE-2024-39276 CVE-2024-39292  
                 CVE-2024-39301 CVE-2024-39467 CVE-2024-39468 CVE-2024-39469  
                 CVE-2024-39471 CVE-2024-39475 CVE-2024-39476 CVE-2024-39480  
                 CVE-2024-39482 CVE-2024-39484 CVE-2024-39488 CVE-2024-39489  
                 CVE-2024-39493 CVE-2024-39495 CVE-2024-39499 CVE-2024-39501  
                 CVE-2024-39502 CVE-2024-39503 CVE-2024-39505 CVE-2024-39506  
                 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904  
                 CVE-2024-40905 CVE-2024-40912 CVE-2024-40916 CVE-2024-40929  
                 CVE-2024-40931 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941  
                 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958  
                 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963  
                 CVE-2024-40968 CVE-2024-40971 CVE-2024-40974 CVE-2024-40976  
                 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40983  
                 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988 CVE-2024-40990  
                 CVE-2024-40993 CVE-2024-40995 CVE-2024-41000 CVE-2024-41004  
                 CVE-2024-41005 CVE-2024-41006

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 5.10.221-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmaVfQRfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0QTQBAAjbkSAUDxfo/lXRTOhZ/6AB3rmZY9aTl99Xb1ylIxr2BYJDS1HqPeHtv9  
574sis7ZyHK6FfaTO0mgX1xvg4eVGtnMWkJrROOVX7DtbKeHAFzhw9tfB2Ed7Yw1  
kz9y+AOkIZe1Rua35FmgoYz5kgKtKUO2VN0Ku61x4CrzIPdhICE3/GDoJLlB5vnK  
lPFId3Gkki5oZn3vdIj22uph1RFrdMsZKippTHfRXYPJGGbwjr5oOdmuWhIlsZuN  
4M1mzVu9l0FkDwR1V3fTi7y5SdX0JOd9FxH0POiQ3udTAteeJC1Vh0YQHLVqIa/m  
xr6m+p8XUSf0bZt+SdnqcNhpWk4NaRUqqHjBISDpzHpIiRj6/c5WCzyxf+lhR/BH  
GsDXL2a8+pKGsJVd++GbmUp++2tv6b/DOT0OfIbgfpQdAemgpdGWhUcRUB650UaR  
jg+Z7hVDL1gAN3hL16eRfO99/OYakVcS35qXC2+b3fIggz2oer5qnLZI0svojkDt  
9oHiANpGFe4GZQjTfamRtG79uua3jyrtEg2qzopMtVdDokuOIHPuKqtraMbJ1JMx  
Mtu7sYOSUsOLDSBqEJaPVzZUFoDOfBJ1/uZZ1msXefxkiTR2hyb4YMcd6MnV6nX4  
NXAHKHsRChFeESP3b/z8Ca0alXQUrPUqb0U7fbW8mVYFnNT0R18=  
=IskL  
-----END PGP SIGNATURE-----

Latest News