#wifi

Ubuntu Security Notice 5874-1 - It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice 5876-1 - It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service.

Ubuntu Security Notice 5875-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Sonke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.

The first guide of our two-part series helps consumers choose the best way to manage their login credentials

**How could an attacker exploit this vulnerability?** For an attacker to exploit this vulnerability, the following conditions must be met: * The attacker must be in physical proximity to the targeted victim. A remote attack is not possible because this vulnerability is at the Wi-Fi layer. * The victim must be using unprotected transports such as plain HTTP. If customers follow the security best practices outlined in the Executive Summary, this vulnerability would be difficult to exploit.

Categories: News Tags: android 14 Tags: developer preview Tags: apps Tags: malware Tags: download We take a look at what the Android 14 developer preview means for Android security moving forward. (Read more...) The post Android 14 developer preview highlights multiple security improvements appeared first on Malwarebytes Labs.

Categories: Personal Tags: love and passwords Tags: password sharing with partner Tags: privacy This Valentine’s Day, we ask the inevitable password question: is it okay to share passwords with your partner? (Read more...) The post Should you share passwords with your partner? appeared first on Malwarebytes Labs.

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.