Friendica in Luxembourg

Search

Items tagged with: cve

Tinker ☀️

7 months ago

Tinker ☀️
7 months ago

Well this is fucking lovely....

Malicious code was discovered in the upstream tarballs of "xz" which then affects liblzma

Downstream there may be backdoors in various implementations of "sshd".

Versions Affected:

Fedora 41
Fedora Rawhide
openSUSE Tumbleweed
Debian testing, unstable, experimental distributions
Kali updates between March 26th and March 29th

Original notice here:
https://www.openwall.com/lists/oss-security/2024/03/29/4

Red Hat CVE: https://nvd.nist.gov/vuln/detail/CVE-2024-3094

Red Hat Security Blog Post: https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

Arch Linux Security Post:

Urgent security alert for Fedora Linux 40 and Fedora Rawhide users

Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.

^{, (Red Hat)}

#Linux #infosec #Hacking #FOSS #cve #cve20243094

Please wait

View in context

Alexandre Dulaunoy

1 year ago

Alexandre Dulaunoy
1 year ago

I maintain some notes about HTTP/2 ‘Rapid Reset’ DDoS attack - CVE-2023-44487

🔗 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088

#rapidreset #http2 #infosec #ddos #vulnerability #CVE-2023-44487

HTTP/2 Rapid Reset DDoS Attack

HTTP/2 Rapid Reset DDoS Attack. GitHub Gist: instantly share code, notes, and snippets.

^Gist

#infosec #ddos #Vulnerability #rapidreset #http2 #cve