Gentoo Linux Security Advisory 202312-14 - Multiple vulnerabilities have been discovered in FFmpeg, the worst of which could lead to code execution. Versions greater than or equal to 6.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-14  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: FFmpeg: Multiple Vulnerabilities  
     Date: December 23, 2023  
     Bugs: #795696, #842267, #881523, #903805  
       ID: 202312-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilitiies have been discovered in FFmpeg, the worst of  
which could lead to code execution

Background  
=========  
FFmpeg is a complete solution to record, convert and stream audio and  
video.

Affected packages  
================  
Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
media-video/ffmpeg  < 6.0         >= 6.0

Description  
==========  
Multiple vulnerabilities have been discovered in FFmpeg. Please review  
the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All FFmpeg 4 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-video/ffmpeg-4.4.3"

All FFmpeg 6 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-video/ffmpeg-6.0"

References  
=========  
[ 1 ] CVE-2021-33815  
      https://nvd.nist.gov/vuln/detail/CVE-2021-33815  
[ 2 ] CVE-2021-38171  
      https://nvd.nist.gov/vuln/detail/CVE-2021-38171  
[ 3 ] CVE-2021-38291  
      https://nvd.nist.gov/vuln/detail/CVE-2021-38291  
[ 4 ] CVE-2022-1475  
      https://nvd.nist.gov/vuln/detail/CVE-2022-1475  
[ 5 ] CVE-2022-3964  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3964  
[ 6 ] CVE-2022-3965  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3965  
[ 7 ] CVE-2022-48434  
      https://nvd.nist.gov/vuln/detail/CVE-2022-48434

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-14

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202312-14

Gentoo Linux Security Advisory 202312-13 - Multiple vulnerabilities have been discovered in Gitea, the worst of which could result in information leakage. Versions greater than or equal to 1.20.6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-13  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Gitea: Multiple Vulnerabilities  
     Date: December 23, 2023  
     Bugs: #887825, #891983, #905886, #918674  
       ID: 202312-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in Gitea, the worst of  
which could result in information leakage.

Background  
=========  
Gitea is a painless self-hosted Git service.

Affected packages  
================  
Package         Vulnerable    Unaffected  
--------------  ------------  ------------  
www-apps/gitea  < 1.20.6      >= 1.20.6

Description  
==========  
Multiple vulnerabilities have been discovered in Gitea. Please review  
the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Gitea users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-apps/gitea-1.20.6"

References  
=========  
[ 1 ] CVE-2023-3515  
      https://nvd.nist.gov/vuln/detail/CVE-2023-3515

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-13

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202312-13

Gentoo Linux Security Advisory 202312-12 - Several vulnerabilities have been found in Flatpack, the worst of which lead to privilege escalation and sandbox escape. Versions greater than or equal to 1.14.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Flatpak: Multiple Vulnerabilities  
     Date: December 23, 2023  
     Bugs: #775365, #816951, #831087, #901507  
       ID: 202312-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Several vulnerabilities have been found in Flatpack, the worst of which  
lead to privilege escalation and sandbox escape.

Background  
=========  
Flatpak is a Linux application sandboxing and distribution framework.

Affected packages  
================  
Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
sys-apps/flatpak  < 1.14.4      >= 1.14.4

Description  
==========  
Multiple vulnerabilities have been discovered in Flatpak. Please review  
the CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Flatpak users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-apps/flatpak-1.14.4"

References  
=========  
[ 1 ] CVE-2021-21381  
      https://nvd.nist.gov/vuln/detail/CVE-2021-21381  
[ 2 ] CVE-2021-41133  
      https://nvd.nist.gov/vuln/detail/CVE-2021-41133  
[ 3 ] CVE-2021-43860  
      https://nvd.nist.gov/vuln/detail/CVE-2021-43860  
[ 4 ] CVE-2022-21682  
      https://nvd.nist.gov/vuln/detail/CVE-2022-21682  
[ 5 ] CVE-2023-28100  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28100  
[ 6 ] CVE-2023-28101  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28101  
[ 7 ] GHSA-67h7-w3jq-vh4q  
[ 8 ] GHSA-xgh4-387p-hqpp

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-12

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202312-12

Gentoo Linux Security Advisory 202312-11 - A vulnerability has been found in SABnzbd which allows for remote code execution. Versions greater than or equal to 4.0.2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: SABnzbd: Remote Code Execution  
     Date: December 23, 2023  
     Bugs: #908032  
       ID: 202312-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A vulnerability has been found in SABnzbd which allows for remote code  
execution.

Background  
=========  
Free and easy binary newsreader with web interface.

Affected packages  
================  
Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
net-nntp/sabnzbd  < 4.0.2       >= 4.0.2

Description  
==========  
A vulnerability has been discovered in SABnzbd. Please review the CVE  
identifier referenced below for details.

Impact  
=====  
A design flaw was discovered in SABnzbd that could allow remote code  
execution. Manipulating the Parameters setting in the Notification  
Script functionality allows code execution with the privileges of the  
SABnzbd process. Exploiting the vulnerabilities requires access to the  
web interface. Remote exploitation is possible if users exposed their  
setup to the internet or other untrusted networks without setting a  
username/password. By default SABnzbd is only accessible from  
`localhost`, with no authentication required for the web interface.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All SABnzbd users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-nntp/sabnzbd-4.0.2"

References  
=========  
[ 1 ] CVE-2023-34237  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34237

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-11

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202312-11

Gentoo Linux Security Advisory 202312-10 - A vulnerability has been found in Ceph which can lead to root privilege escalation. Versions greater than or equal to 17.2.6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Ceph: Root Privilege Escalation  
     Date: December 23, 2023  
     Bugs: #878277  
       ID: 202312-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
A vulnerability has been found in Ceph which can lead to root privilege  
escalation.

Background  
=========  
Ceph is a distributed network file system designed to provide excellent  
performance, reliability, and scalability.

Affected packages  
================  
Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
sys-cluster/ceph  < 17.2.6      >= 17.2.6

Description  
==========  
A vulnerability has been discovered in Ceph. Please review the CVE  
identifier referenced below for details.

Impact  
=====  
The ceph-crash.service runs the ceph-crash Python script as root. The  
script is operating in the directory /var/lib/ceph/crash which is  
controlled by the unprivileged ceph user (ceph:ceph mode 0750). The  
script periodically scans for new crash directories and forwards the  
content via `ceph crash post`.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All Ceph users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-cluster/ceph-17.2.6"

References  
=========  
[ 1 ] CVE-2022-3650  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3650

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-10

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202312-10

A list of topics we covered in the week of December 18 to December 24 of 2023

December 21, 2023 - Xfinity has notified customers that due to exploitation of the Citrix Bleed vulnerability, attackers were able to access personal data of almost 36 million customers.

December 21, 2023 - A researcher found two Microsoft vulnerabilities which could be combined to achieve zero-click remote code execution.

December 21, 2023 - Google has issued an emergency update for Chrome that fixes an actively exploited zero-day vulnerability in the WebRTC component.

December 21, 2023 - Pharmacy chain Rite Aid has been denied the right to run facial recognition systems in its stores for five years, by the FTC.

December 21, 2023 - Learn how RaaS gangs use LOTL tactics in their attacks on organizations.

 A week in security (December 18 &#8211; December 24) 

By Owais Sultan
In the current high-tech age, consumer data is a business’s most important asset as they progressively shifts towards…
This is a post from HackRead.com Read the original post: Adobe Real-Time CDP: Personalized Customer Experience

Adobe Real-Time CDP: Personalized Customer Experience

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information.
The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri.
"As with many other malicious or fake WordPress plugins it contains some deceptive information at

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information.

The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri.

"As with many other malicious or fake WordPress plugins it contains some deceptive information at the top of the file to give it a veneer of legitimacy," security researcher Ben Martin said. "In this case, comments claim the code to be 'WordPress Cache Addons.'"

Malicious plugins typically find their way to WordPress sites via either a compromised admin user or the exploitation of security flaws in another plugin already installed on the site.

Post installation, the plugin replicates itself to the mu-plugins (or must-use plugins) directory so that it's automatically enabled and conceals its presence from the admin panel.

UPCOMING WEBINAR

Beat AI-Powered Threats with Zero Trust - Webinar for Security Professionals

Traditional security measures won't cut it in today's world. It's time for Zero Trust Security. Secure your data like never before.

Join Now

"Since the only way to remove any of the mu-plugins is by manually removing the file the malware goes out of its way to prevent this," Martin explained. "The malware accomplishes this by unregistering callback functions for hooks that plugins like this normally use."

The fraudulent also comes with an option to create and hide an administrator user account from the legitimate website admin to avoid raising red flags and have sustained access to the target for extended periods of time.

The ultimate objective of the campaign is to inject credit card stealing malware in the checkout pages and exfiltrate the information to an actor-controlled domain.

"Since many WordPress infections occur from compromised wp-admin administrator users it only stands to reason that they've needed to work within the constraints of the access levels that they have, and installing plugins is certainly one of the key abilities that WordPress admins possess," Martin said.

The disclosure arrives weeks after the WordPress security community warned of a phishing campaign that warns users of an unrelated security flaw and tricks them into installing a plugin under the guise of a patch. The plugin, for its part, creates an admin user and deploys a web shell for persistent remote access.

Sucuri said that the threat actors behind the campaign are leveraging the "RESERVED" status associated with a CVE identifier, which happens when it has been reserved for use by a CVE Numbering Authority (CNA) or security researcher, but the details are yet to be filled.

It also comes as the website security firm discovered another Magecart campaign that uses the WebSocket communications protocol to insert the skimmer code on online storefronts. The malware then gets triggered upon clicking a fake "Complete Order" button that's overlaid on top of the legitimate checkout button.

Europol's spotlight report on online fraud released this week described digital skimming as a persistent threat that results in the theft, re-sale, and misuse of credit card data. "A major evolution in digital skimming is the shift from the use of front-end malware to back-end malware, making it more difficult to detect," it said.

The E.U. law enforcement agency said it also notified 443 online merchants that their customers' credit card or payment card data had been compromised via skimming attacks.

Group-IB, which also partnered with Europol on the cross-border cybercrime fighting operation codenamed Digital Skimming Action, said it detected and identified 23 families of JS-sniffers, including ATMZOW, health\_check, FirstKiss, FakeGA, AngryBeaver, Inter, and R3nin, which were used against companies in 17 different countries across Europe and the Americas.

"In total, 132 JS-sniffer families are known, as of the end of 2023, to have compromised websites worldwide," the Singapore-headquartered firm added.

That's not all. Bogus ads on Google Search and Twitter for cryptocurrency platforms have been found to promote a cryptocurrency drainer named MS Drainer that's estimated to have already plundered $58.98 million from 63,210 victims since March 2023 via a network of 10,072 phishing websites.

"By targeting specific audiences through Google search terms and the following base of X, they can select specific targets and launch continuous phishing campaigns at a very low cost," ScamSniffer said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

By Waqas
Work from home or WFH is a blessing for employees, but it can be a disguise when it comes to data security. Protecting yourself and your work infrastructure at home from cyberattacks is crucial.
This is a post from HackRead.com Read the original post: Top Data Security Issues of Remote Work

The surge in remote work has brought about intense concerns regarding data security including unsecured home networks and the increased use of personal devices pose significant challenges.

You’re living in an era where traditional office spaces are rapidly becoming a thing of the past. The advent of technology and the internet has brought about a paradigm shift in the way you work. This shift, however, has also ushered in new challenges, especially concerning data security. Data is the lifeblood of modern businesses, and its security should be a top priority.

The shift to remote work has only increased the need for robust data security measures. With employees accessing confidential information from a variety of locations and devices, the risk of data breaches has never been higher. Therefore, it’s important to understand these risks and implement effective measures to mitigate them.

In this article, you’ll explore the top data security issues of remote work and how to manage them effectively. Let’s begin.

****The Growth of Remote Work****

While the return-to-office initiative is on the rise, many organizations still allow remote or hybrid work arrangements. In 2023 alone, 28.2% of full-time employees use a hybrid approach, while 12.7% work from home. The flexibility offered by remote work is a big draw for many employees, and businesses are finding that it can also lead to increased productivity and cost savings.

However, as the number of remote workers increases, so does the risk of data security issues. Working from home often means using less secure home networks and personal devices, which can be a goldmine for cybercriminals. Furthermore, the lack of direct supervision makes enforcing corporate policies and regulatory requirements harder.

****Top Remote Work Data Security Issues****

One of remote work’s most significant data security issues is the risk of data breaches. In a traditional office setting, physical security measures can prevent unauthorized access to sensitive data. However, in a remote work setting, these measures are often absent. Moreover, the increased use of cloud services for collaboration and data storage also presents additional risks.

Another major issue is the vulnerability of home networks, which frequently lack the security measures found in corporate environments. Home networks, unlike corporate networks, frequently lack strict firewalls and antivirus software, making them a prime target. Cybercriminals can easily exploit these security flaws, putting personal information and data at risk. As a result, strengthening home network security is critical.

Other security issues to keep in mind include:

*   **Use of Personal Devices**: Remote employees frequently use personal devices for work, which can jeopardize data security. These devices may lack the same level of security as company-supplied equipment, making them more vulnerable to cyber threats and data breaches.
*   **Enforcing Corporate Policies and Regulatory Requirements** – Enforcing corporate policies and regulatory requirements is another major challenge with remote work. Ensuring compliance with data security policies can be difficult without the physical presence of supervisors and IT staff.
*   **Increased Risk of Phishing, Malware, and Social Engineering** – Remote workers are also more susceptible to phishing, malware, and social engineering attacks. These attacks often exploit human error and can lead to significant data breaches. Therefore, educating remote workers about these threats and how to avoid them is essential.
*   **Inadequate Secure Wi-Fi Networks**: Remote workers typically connect to corporate networks through unsecured or public Wi-Fi networks, which poses a significant security risk. Cybercriminals can easily exploit these networks by intercepting data transmission or injecting malware, potentially resulting in data breaches or system compromises. 

****Managing the Data Security Issues of Remote Work****

Regardless of these challenges, there are ways to effectively manage the data security issues associated with remote work. Implementing a data protection platform and zero-trust security controls are two of the most effective solutions.

A data protection platform is an essential component of today’s cybersecurity strategies. It offers a comprehensive solution for safeguarding sensitive data while meticulously monitoring and controlling data access. Its sophisticated mechanisms ensure that only authorized individuals have access to sensitive data, preserving data integrity and confidentiality. This platform is vital for preventing data breaches, improving regulatory compliance, and providing businesses with a secure digital environment.

Zero-trust security controls, on the other hand, are founded on a fundamental principle: by default, trust no user or device. Because of this, each access request is thoroughly verified before it can be approved. It is not a case of being overly suspicious, but of being proactive in terms of security. By scrutinizing every request, these controls significantly reduce the likelihood of data breaches. This method is extremely effective in preventing unauthorized access while also maintaining the integrity and confidentiality of sensitive data.

Other benefits of using data security tools for remote work include:

*   **Improved Visibility and Control:** Data security tools provide real-time visibility into all data movement, allowing businesses to monitor and control data access effectively.
*   **Improved Compliance:** These tools help to meet regulatory requirements by ensuring that data is handled and stored in a compliant manner, lowering the risk of penalties.
*   **Data Loss Risk is Reduced:** Data protection tools include features like automatic backups and encryption, which reduce the risk of data loss due to accidents or cyber-attacks.
*   **Advanced Threat Detection:** Some tools use artificial intelligence and machine learning to detect suspicious activity or anomalies, preventing potential breaches.
*   **Increased Productivity:** In a secure environment, employees can focus on their work without being concerned about potential data breaches, resulting in increased productivity.
*   **Improved Remote Work Security**: Data security tools include features like secure VPNs and multi-factor authentication, significantly enhancing network security by making it more difficult for unauthorized individuals to access sensitive information.
*   **Cost-Effective**: Implementing these tools can lead to long-term cost savings by preventing costly data breaches and reducing the time and resources spent on recovery after a breach.

Ultimately, remote work presents distinct data security challenges. These challenges, however, can be effectively managed with the right strategies and tools. A solid data protection platform that provides a secure foundation for your digital assets is extremely important.

Coupled with zero-trust security controls, you can ensure solid safeguards for your valuable data. These safeguards are essential to maintaining business continuity, especially in this day and age when remote work is becoming more common. With careful planning and implementation, you can weather the storm of data security threats in a remote work scenario.

****_RELATED ARTICLES_****

1.  **Top 3 data security risks facing businesses**
2.  **Data Security: Key Steps When Transferring Your Digital Workspace**
3.  **Data Security Threats to Businesses: Strategies to Strengthen Defense**
4.  **Nexo Achieves Type 2 SOC 2 Audit, Reinforces Data Security Compliance**
5.  **How cloud data distracts businesses from correct data security practices**

Top Data Security Issues of Remote Work

Gentoo Linux Security Advisory 202312-9 - Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202312-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: NASM: Multiple Vulnerabilities  
     Date: December 22, 2023  
     Bugs: #686720, #903755  
       ID: 202312-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
=======  
Multiple vulnerabilities have been discovered in NASM, the worst of  
which could lead to arbitrary code execution.

Background  
=========  
NASM is a 80x86 assembler that has been created for portability and  
modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It  
also supports a wide range of objects formats (ELF, a.out, COFF, etc),  
and has its own disassembler.

Affected packages  
================  
Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
dev-lang/nasm  < 2.16.01     >= 2.16.01

Description  
==========  
Multiple vulnerabilities have been discovered in NASM. Please review the  
CVE identifiers referenced below for details.

Impact  
=====  
Please review the referenced CVE identifiers for details.

Workaround  
=========  
There is no known workaround at this time.

Resolution  
=========  
All NASM users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">Þv-lang/nasm-2.16.01"

References  
=========  
[ 1 ] CVE-2019-8343  
      https://nvd.nist.gov/vuln/detail/CVE-2019-8343  
[ 2 ] CVE-2020-21528  
      https://nvd.nist.gov/vuln/detail/CVE-2020-21528  
[ 3 ] CVE-2022-44370  
      https://nvd.nist.gov/vuln/detail/CVE-2022-44370

Availability  
===========  
This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202312-09

Concerns?  
========  
Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
======  
Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Tag

#mac