Tag
#amd
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to c...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user t...
Categories: Threat Intelligence Tags: malvertising Tags: Aurora stealer Tags: loader Tags: Amadey Not all system updates mean well, and some will even trick you into installing malware. (Read more...) The post Fake system update drops Aurora stealer via Invalid Printer loader appeared first on Malwarebytes Labs.
<p>This article is the first in a six-part series in which we present various usage models for <strong>confidential computing</strong>, a set of technologies designed to protect data in use—for example by using memory encryption—and the requirements to get the expected security and trust benefits from the technology.</p> <p>In the series, we will focus on four primary use cases: confidential <em><strong>virtual machines</strong></em>, confidential <e
To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.
Ubuntu Security Notice 6027-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
<p>In this article we will describe how Microsoft and Red Hat are collaborating in the open source community to show how Red Hat <a href="https://www.redhat.com/en/technologies/cloud-computing/openshift">OpenShift</a> can be deployed on <a href="https://aka.ms/azurecc">Azure Confidential Computing</a> for providing confidential container capabilities to its users. For this purpose, OpenShift uses the <a href="https://www.redhat.com/en/blog/learn-openshift-sandboxed-containe
Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.
<drupal-media data-align="center" data-entity-type="media" data-entity-uuid="86dcee13-494e-41e0-a1ed-419306586e5d"></drupal-media> <h3>What are Confidential Containers?</h3> <p><strong><a href="https://github.com/confidential-containers">Confidential Containers</a></strong> (CoCo) is a new sandbox project of the <a href="https://www.cncf.io/">Cloud Native Comput
Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.