Initial Publication Date: 2022/04/19 14:30 PST CVE IDs: CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071 On December 12, 2021, Amazon publicly released a hotpatch for running Java VMs which disables the loading of the Java Naming and Directory Interface (JNDI) class. This hotpatch provides an immediate mitigation for critical issues within the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) while allowing system administrators sufficient time to
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2022-006/
Linux vulnerabilities CVE-2022-0330 and CVE-2022-22942 Security Advisory Security Advisory Description CVE-2022-0330 A random memory access flaw was found in the Linux kernels GPU i915 kernel ...
More info:
https://support.f5.com/csp/article/K30914425?utm_source=f5support&utm_medium=RSS
More info:
https://www.oracle.com/security-alerts/cpuapr2022.html
Linux kernel vulnerability CVE-2022-0742 Security Advisory Security Advisory Description Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making ...
More info:
https://support.f5.com/csp/article/K68120526?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2022-26354 Security Advisory Security Advisory Description A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached ...
More info:
https://support.f5.com/csp/article/K50401227?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerabilities CVE-2022-26353 and CVE-2021-3748 Security Advisory Security Advisory Description CVE-2022-26353 A flaw was found in the virtio-net device of QEMU. This flaw was ...
More info:
https://support.f5.com/csp/article/K63714476?utm_source=f5support&utm_medium=RSS
BIG-IP APM OCSP vulnerability CVE-2021-23047 Security Advisory Security Advisory Description When BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that ...
More info:
https://support.f5.com/csp/article/K79428827?utm_source=f5support&utm_medium=RSS
Over the years, I have seen some of the very best and worst of SOC operations. Having been involved in building or managing SOC’s in my days, and supporting major brands and public sector organizations across the world, it is fair to say I have seen some interesting things. First up, many people get confused … ContinuedThe post How Not to Build a SOC appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/04/how-not-to-build-a-soc.html?utm_source=rss&utm_medium=rss&utm_campaign=how-not-to-build-a-soc
BIG-IP APM vulnerability CVE-2020-27716 Security Advisory Security Advisory Description When a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management ...
More info:
https://support.f5.com/csp/article/K51574311?utm_source=f5support&utm_medium=RSS
BIG-IP DNS vulnerability CVE-2021-23032 Security Advisory Security Advisory Description When a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses ...
More info:
https://support.f5.com/csp/article/K45407662?utm_source=f5support&utm_medium=RSS
