An issue exists in net/tipc/crypto.c in the Linux kernel prior to 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote malicious users to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |
||
netapp h300s_firmware - |
||
netapp h500s_firmware - |
||
netapp h700s_firmware - |
||
netapp h300e_firmware - |
||
netapp h500e_firmware - |
||
netapp h700e_firmware - |
||
netapp h410s_firmware - |
Get our weekly newsletter Plus: Uncle Sam gets tough on patching, NIST needs you, and more
In brief A consortium of private equity types have stumped up $12bn in cash to acquire what's left of McAfee the company plus another couple of billion to pay off its debts. McAfee has been in and out of the stock market: it last went public in October 2020 with a valuation of $3.6bn. It then spun off its enterprise security business in March for $4bn in another cash deal, and now the consumer side of the business has been snapped up for $14bn total. “This transaction is a testament to McAfeeâ...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources ARPA-H joins the challenge, adds $20M to cash rewards
Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC). AIxCC is the two-year competition that DARPA announced last summer at Black Hat which challenges teams to build AI-based tools that automatically secure code used in critical infrastructure. The new government agency partner is the Advanced Research Projects Agency for...