Sept. 19, 2023, 10:20 p.m. |

Ubuntu security notices

Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain to
sensitive information. (CVE-2022-40982)

Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash). …

clear cve daniel file file system implementation information intel kernel lan linux linux kernel local processors sensitive sensitive information speculative execution state system usn vulnerabilities

Business Information Security Officer

@ Metrolink | Los Angeles, CA

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City

Security Engineer

@ ChartMogul | Remote, EU

Senior Threat Engineer

@ Zscaler | Tel Aviv-Yafo, Israel

Information Security Communication Specialist

@ MicroStrategy | Mumbai, India

Principal Software Engineer (Network Security - SASE)

@ Palo Alto Networks | Santa Clara, CA, United States