CVE-2023-40661 - How OpenSC’s Card Enrollment Memory Bugs Can Be Exploited with Custom Devices
OpenSC is a popular suite used for smart card operations—everything from digital signature to user authentication. Notably, it features command line tools like pkcs15-init
CVE-2023-42670 - Samba AD DC Disruption via Multiple Competing RPC Listeners
When it comes to managing Windows networks in Linux environments, Samba is the go-to suite providing seamless interoperability between Unix/Linux and Windows systems. However,
CVE-2023-4693 - Out-of-Bounds Read in GRUB2 NTFS Driver – How Attackers Can Leak Memory via Evil USBs
---
Introduction
Bootloader vulnerabilities are rare and dangerous, especially when it comes to leaking memory right at the start of a system’s lifecycle. CVE-2023-4693
CVE-2023-4387 - How a Use-After-Free Bug in VMware’s vmxnet3 Linux Driver Can Crash Your System
In September 2023, a serious security flaw was disclosed in the Linux kernel’s VMware vmxnet3 ethernet driver. This vulnerability, tracked as CVE-2023-4387, is a
CVE-2023-4147 - How a Use-After-Free in Linux Netfilter Could Let Local Users Hijack Your System
In July 2023, security researchers uncovered a dangerous bug in the Linux kernel’s Netfilter subsystem. This vulnerability, tracked as CVE-2023-4147, exposes millions of users
Episode
00:00:00
00:00:00