CVE-2021-34392
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
Similar Posts
Hacker behind biggest ever cryptocurrency heist returns stolen funds
The threat actor who hacked Poly Network’s cross-chain interoperability protocol yesterday to steal over $600 million worth of cryptocurrency assets is now returning the stolen funds. As the Chinese decentralized finance (DeFi) platform Poly Network shared two hours ago, the hacker has already returned almost $260 million worth of stolen cryptocurrency. In total, the attacker…
CVE-2021-35474 – Alert Detail – Security Database
Executive Summary Informations Name CVE-2021-35474 First vendor Publication 2021-06-30 Vendor Cve Last vendor Modification 2021-06-30 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Irish Police ‘Significantly Disrupt’ Attackers’ Operations
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Conti Ransomware Attackers’ Infrastructure Targeted After Health Service Disruption Mihir Bagwe • September 6, 2021 GNCCB has deployed this splash screen on seized domains (Source: Garda.ie) Ireland’s cybercrime police, the Garda National Cyber Crime Bureau, have conducted a “significant disruption operation” targeting the IT infrastructure…
Microsoft says China-based hackers found bug to target U.S. firms
China-based government hackers have exploited a bug in Microsoft’s email server software to target U.S. organizations, the company said Tuesday. Microsoft said that a “highly skilled and sophisticated” state-sponsored group operating from China has been trying to steal information from a number of American targets, including universities, defence contractors, law firms and infectious-disease researchers. Microsoft…
New XcodeSpy malware targets iOS devs in supply-chain attack
A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer’s computer. Xcode is a free application development environment created by Apple that allows developers to create applications that run on macOS, iOS, tvOS, and watchOS. Like other development environments, it is common…
At Least 10 APT Groups Exploiting Flaws
Cybercrime , Forensics , Fraud Management & Cybercrime Some Attacks Predate Microsoft Being Alerted to the Vulnerabilities, ESET Says Doug Olenick (DougOlenick) • March 11, 2021 Microsoft Exchange attack timeline (Source: ESET) Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 advanced persistent threat groups that have been collectively been…