Marcus Meissner
By: Marcus Meissner

September 17, 2020 1:37 pm

835 views

SUSE Addresses “ZeroLogon” Vulnerability

On September 11, Secura research published a new software vulnerability called “ZeroLogon”, which exploits a protocol weakness in the SMB Netlogon protocol. This vulnerability may affect users of SUSE Linux Enterprise Server running Samba servers in older or non-standard configurations. Attackers could use it to bypass access control to the domain controller. A workaround […]

Read More


Marcus Meissner
By: Marcus Meissner

July 27, 2020 8:39 am

9,879 views

SUSE addresses BootHole security exposure

Security researchers from Eclypsium have published an attack called BootHole today. This attack requires root access to the bootloader used in Linux operating systems, GRUB2. It bypasses normal Secure Boot protections to persistently install malicious code which cannot be detected by the operating system. Given the need for root access to the bootloader, the described […]

Read More


Marcus Meissner
By: Marcus Meissner

June 9, 2020 4:39 pm

2,224 views

SUSE addresses Special Register Buffer Data Sampling (SRBDS) aka CrossTalk attack

Today Intel and security researchers published a number of security issues covering various Intel hardware and software components in their IPU 2020.1 release. One of those issues is a side-channel information leak attack against special registers, like the Intel CPU random register. Memory can not be read out, only previously generated random values could […]

Read More


Marcus Meissner
By: Marcus Meissner

May 7, 2020 3:18 pm

1,389 views

Critical security issue in Salt Stack

Security reseachers have identified a critical security vulnerability in the salt stack management framework. If your salt "master" was reachable over the network by attackers, attackers could inject code into your salt managed hosts. At this time there are already reports of exploits in the wild. SUSE has released security updates for its salt […]

Read More


Marcus Meissner
By: Marcus Meissner

November 11, 2019 10:14 am

1,979 views

SUSE addresses Transactional Asynchronous Abort and Machine Check Error on Page Size Changes issues

Today Intel and security researchers published a number of security issues covering various Intel hardware and software components. Intel has published an overview of those issues in a blog article. SUSE is providing updates to mitigate two new Intel CPU issues out of the above list. Machine Check Error on Page Size Changes / CVE-2018-12207 […]

Read More


Marcus Meissner
By: Marcus Meissner

June 24, 2019 10:14 am

1,915 views

Removal of IBRS mitigation for Spectre Variant2

As the Meltdown and Spectre attacks were published begin of January 2018, several mitigations were planned and implemented for Spectre Variant 2. What is Spectre Variant2? Spectre Variant 2 describes an issue where the CPUs branch prediction can be poisoned, so the CPU speculatively executes code it usually would never try to. For instance userspace […]

Read More


Marcus Meissner
By: Marcus Meissner

June 18, 2019 1:43 pm

1,294 views

SUSE address the SACK panic tcp remote denial of service attacks

The page has changed due to adjustments to a new location: SUSE addresses the “SACK Panic” TCP remote denial of service attacks[…]

Read More


Marcus Meissner
By: Marcus Meissner

June 17, 2019 12:40 pm

3,187 views

SUSE addresses the “SACK Panic” TCP remote denial of service attacks

Security researchers from Netflix have identified three new remote denial of service attacks against the Linux TCP stack. These can be all exploited remotely as soon as a TCP port is open to the public in default settings. There are three distinct issues: CVE-2019-11477: Also known as "SACK Panic". A integer overflow when SACK […]

Read More


Marcus Meissner
By: Marcus Meissner

May 13, 2019 3:08 pm

4,808 views

SUSE addresses Microarchitectural Data Sampling Vulnerabilities

Researchers have identified new CPU side channel information leak attacks against various microarchitectural buffers used in Intel CPUs. These attacks allows local attackers to execute code to read out portions of recently read or written data by using speculative execution. Local attackers can be on the same OS or running code on the same thread […]

Read More


Marcus Meissner
By: Marcus Meissner

January 10, 2019 3:25 pm

2,612 views

Stack clashing systemd aka “System Down”

One and a half year ago the security research company Qualys reported a new attack class against common operating systems called "Stack Clash". We documented this in our TID 7020973. The core security problem is that variable sized stack allocations could be used to overwrite heap memory as stack and heap grow towards each […]

Read More