#aws

Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch. "These vulnerabilities [...] can lead to a full chain Remote

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.

## Impact **Remote Server-Side Request Forgery (SSRF)** **Issue**: TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions `0.1.0` to `0.8.1`. **Mitigation**: The user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the [allowed_urls](https://github.com/pytorch/serve/blob/b3eced56b4d9d5d3b8597aa506a0bcf954d291bc/docs/configuration.md?plain=1#L296) and specifying the model URL to be used. A pull request to warn the user when the default value for `allowed_urls` is used has been merged - https://github.com/pytorch/serve/pull/2534. TorchServe release `0.8.2` includes this change. ## Patches ## TorchServe release 0.8.2 includes fixes to address the previou...

## Impact **Use of Open Source Library potentially exposed to RCE** **Issue**: Use of a version of the SnakeYAML `v1.31 `open source library with multiple issues that potentially exposes the user to unsafe deserialization of Java objects. This could allow third parties to execute arbitrary code on the target system. This issue is present in versions `0.3.0` to `0.8.1`. **Mitigation**: A pull request to address this issue has been merged - https://github.com/pytorch/serve/pull/2523. TorchServe release `0.8.2` includes this fix. ## Patches ## TorchServe release 0.8.2 includes fixes to address the previously listed issue: https://github.com/pytorch/serve/releases/tag/v0.8.2 **Tags for upgraded DLC release** User can use the following new image tags to pull DLCs that ship with patched TorchServe version 0.8.2: x86 GPU * v1.9-pt-ec2-2.0.1-inf-gpu-py310 * v1.8-pt-sagemaker-2.0.1-inf-gpu-py310 x86 CPU * v1.8-pt-ec2-2.0.1-inf-cpu-py310 * v1.7-pt-sagemaker-2.0.1-inf-cpu-py310 G...

LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,

Red Hat—the world’s leading provider of open source solutions—is excited to announce the successful completion of the Infosec Registered Assessors Program (IRAP) assessment of Red Hat OpenShift Service on AWS (ROSA). IRAP is managed by the Australian Signals Directorate (ASD). ASD endorses qualified cybersecurity professionals to provide relevant security assessment services which aim to secure broader industry and Australian government systems and data. The IRAP assessment rigorously evaluated ROSA controls and has provided assurance that ROSA aligns with the Australian Information S

An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-37788: A flaw was found in goproxy, which is vulnerable to a denial of service caused by improper input validation. This flaw allows a remote attacker can cause the goproxy server to crash by sending a specially crafted HTTP request to the HTTPS page, replacing the path "/" with an asterisk "*".

A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770.

Ubuntu Security Notice 6396-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information.