CVE-2023-4091 - How Samba’s VFS “acl_xattr” Module Let SMB Clients Wipe Read-Only Files
A serious bug was found in Samba that lets SMB clients delete (truncate) the contents of files—even if they only have read-only access! This
CVE-2023-38472 - Exploiting the Avahi avahi_rdata_parse() Reachable Assertion Vulnerability
If you’re managing Linux systems or networked devices, you’ve probably come across Avahi. Avahi is the go-to open source implementation for Zeroconf and
CVE-2023-1192 - Understanding the Use-After-Free Flaw in Linux Kernel’s CIFS Implementation
In early 2023, a critical vulnerability was found in the CIFS (Common Internet File System) protocol implementation in the Linux Kernel. Tracked as CVE-2023-1192, this
CVE-2023-5178 - Use-After-Free in Linux NVMe-oF/TCP Can Lead to Privilege Escalation & Remote Code Execution
A serious vulnerability, CVE-2023-5178, was recently discovered in the Linux kernel’s NVMe-oF/TCP subsystem. This is the layer in Linux that allows fast storage
CVE-2023-41175 - Exploiting Integer Overflows in libtiff’s raw2tiff.c for Remote Code Execution
---
Overview
On August 29, 2023, a security flaw was disclosed in libtiff, a widely used open-source library for reading and writing TIFF (Tagged Image