#dos

Red Hat Security Advisory 2024-3345-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-3340-03 - An update for.NET 7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

When a secure token parameter is provided to a SilverStripe site (such as isDev or flush) an empty token parameter can be provided in order to bypass normal authentication parameters. For instance, http://www.mysite.com/?isDev=1&isDevtoken will force a site to dev mode. Alternatively, "flush" could also be used in succession to cause excessive load on a victim site and risk denial of service. The fix in this case is to ensure that empty tokens fail the validation check.

### Impact There is a vulnerability in [GO managing malformed DNS message](https://groups.google.com/g/golang-announce/c/wkkO4P9stm0), which impacts Traefik. This vulnerability could be exploited to cause a denial of service. ### References - [CVE-2024-24788](https://www.cve.org/CVERecord?id=CVE-2024-24788) ### Patches - https://github.com/traefik/traefik/releases/tag/v2.11.3 - https://github.com/traefik/traefik/releases/tag/v3.0.1 ### Workarounds No workaround. ### For more information If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

Ubuntu Security Notice 6777-4 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice 6783-1 - It was discovered that VLC incorrectly handled certain media files. A remote attacker could possibly use this issue to cause VLC to crash, resulting in a denial of service, or potential arbitrary code execution.

Red Hat Security Advisory 2024-3316-03 - Migration Toolkit for Applications 7.0.3 release. Issues addressed include denial of service and password leak vulnerabilities.

Red Hat Security Advisory 2024-3315-03 - Red Hat OpenShift Virtualization release 4.13.9 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-3314-03 - Red Hat OpenShift Virtualization release 4.15.2 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.