ASA-2019-00162 – Kubernetes: Security issue allows traffic to be processed by HostPort/portmap rather than by KUBE-SERVICES

A security issue was discovered with interactions between the CNI (Container Networking Interface) portmap plugin versions prior to 0.7.5 and Kubernetes. The CNI portmap plugin is embedded into Kubernetes releases, so new releases of Kubernetes are required to fix this issue.

ASA-2019-00158 – GnuTLS: Use-after-free/double-free in certificate verification

A flaw was found in GnuTLS 3.5.8 or later. A use-after-free in multi-threaded clients and a double-free in single-threaded clients occur because _gnutls_x509_get_signature does not clear signature->data in the cleanup path.

ASA-2019-00157 – Barracuda: Privilege Escalation in VPN Client

The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root.

ASA-2019-00156 – Linux kernel: Object fsnotify_mark refcount leak in inotify_update_existing_watch()

In the Linux kernel since commit 4d97f7d53da7dc83 ("inotify: Add flag IN_MASK_CREATE for inotify_add_watch()"), the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak).

ASA-2019-00155 – Telegram: Internationalized domain name (IDN) homograph attacks

Telegram (tested on all mobile versions and on Linux and Windows for desktop) is vulnerable to an IDN homograph attack when displaying messages containing URLs. A homograph attack can deceive users into thinking they are visiting a certain website when in fact they are directed to a different, but homograph, domain name. This type of vulnerability can be used to weaponize social engineering, increasing the chances of a successful attack.