all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based devices

Add to bookmarks
Sept. 22, 2022, 9 a.m. | Jon Munshaw (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com



Lilith >_> of Cisco Talos discovered these vulnerabilities. 

Cisco Talos recently discovered a memory corruption vulnerability in the uClibC library that could affect any Unix-based devices that use this library. uClibC and uClibC-ng are lightweight replacements for the popular gLibc library, which is the GNU Project's implementation of the C standard library. 

TALOS-2022-1517 (CVE-2022-29503 - CVE-2022-29504) is a memory corruption vulnerability in uClibC and uClibc-ng that can occur if a malicious user repeatedly creates threads. 

Many embedded devices utilize this …

devices library popular spotlight unix vulnerabilities vulnerability vulnerability spotlight

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation? 12 hours ago | blog.talosintelligence.com
account blocked court disinformation +8
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 1 day, 18 hours ago | blog.talosintelligence.com
cisco cisco talos code confidential +20
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials 2 days, 18 hours ago | blog.talosintelligence.com
attacks brute brute-force cisco +24
The internet is already scary enough without April Fool’s jokes 1 week ago | blog.talosintelligence.com
april backdoor community internet +7
Vulnerability in some TP-Link routers could lead to factory reset 1 week, 1 day ago | blog.talosintelligence.com
amd directx driver factory +10
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution 1 week, 2 days ago | blog.talosintelligence.com
april code code execution critical +10
Starry Addax targets human rights defenders in North Africa with new malware 1 week, 2 days ago | blog.talosintelligence.com
activists actor africa cisco +18
There are plenty of ways to improve cybersecurity that don’t involve making workers return to … 2 weeks ago | blog.talosintelligence.com
actions april cybersecurity don +14
CoralRaider targets victims’ data and social media accounts 2 weeks ago | blog.talosintelligence.com
accounts actor calling cisco +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cloud Security Engineer

@ Pacific Gas and Electric Company | Oakland, CA, US, 94612
View on infosec-jobs.com

Penetration Tester (Level 2)

@ Verve Group | Pune, Mahārāshtra, India
View on infosec-jobs.com

Senior Security Operations Engineer (Azure)

@ Jamf | US Remote
View on infosec-jobs.com

(Junior) Cyber Security Consultant IAM (m/w/d)

@ Atos | Berlin, DE, D-13353
View on infosec-jobs.com
View more jobs