#vulnerability

### Impact The server allow to create any user who can trigger a pipeline run malicious workflows: - Those workflows can either lead to a host takeover that runs the agent executing the workflow. - Or allow to extract the secrets who would be normally provided to the plugins who's entrypoint are overwritten. ### Patches https://github.com/woodpecker-ci/woodpecker/pull/3933 ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ **Enable the "gated" repo feature and review each change upfront** ### References - https://github.com/woodpecker-ci/woodpecker/pull/3933 - https://github.com/woodpecker-ci/woodpecker-security/pull/11 - https://github.com/woodpecker-ci/woodpecker-security/issues/8 (info will be published later at https://github.com/woodpecker-ci/woodpecker/issues/3924) - https://github.com/woodpecker-ci/woodpecker-security/issues/9 (info will be published later at https://github.com/woodpecker-ci/woodpecker/issues/3924) - https://gi...

### Impact The server allow to create any user who can trigger a pipeline run malicious workflows: - Those workflows can either lead to a host takeover that runs the agent executing the workflow. - Or allow to extract the secrets who would be normally provided to the plugins who's entrypoint are overwritten. ### Patches https://github.com/woodpecker-ci/woodpecker/pull/3909 https://github.com/woodpecker-ci/woodpecker/pull/3934 ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ **Enable the "gated" repo feature and review each change upfront of running** ### References - https://github.com/woodpecker-ci/woodpecker/pull/3909 - https://github.com/woodpecker-ci/woodpecker/pull/3934 - https://github.com/woodpecker-ci/woodpecker-security/issues/10 (info will be published later at https://github.com/woodpecker-ci/woodpecker/issues/3929) - https://github.com/woodpecker-ci/woodpecker/issues/3929 (info will be published later once we got adoptio...

After an extended period underground, the Chinese hackers have added a more sophisticated infection chain and additional EDR evasion techniques.

A defective CrowdStrike kernel driver sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.

Private sector organizations are "hesitant" to seek guidance from the Coast Guard, which isn't sufficiently equipped to help them yet.

As threat actors get smarter about how they target employees, the onus is on organizations to create a strong line of defense — and the human element is a critical component.

Ubuntu Security Notice 6896-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice 6898-3 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice 6895-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.

Ubuntu Security Notice 6902-1 - It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code.