Rewterz Threat Alert – ProLock RansomWare – IOCs
May 7, 2020Rewterz Threat Alert – Credit Card Skimmer Masquerades as Favicon
May 8, 2020Rewterz Threat Alert – ProLock RansomWare – IOCs
May 7, 2020Rewterz Threat Alert – Credit Card Skimmer Masquerades as Favicon
May 8, 2020Severity
Medium
Analysis Summary
A potential info leak of kernel private memory to userspace was found in the kernel’s implementation of core dumping userspace processes. An area of memory was allocated from free memory without being correctly initialized, this memory contents could contain kernel private information from previous executions and leak it to kernel space for any (probably local) user that is able to read the core dump. |
Impact
Exposure of sensitive data |
Affected Vendors
Linux
Affected Products
Linux Kernel
Remediation
A possible mitigation would be to disable core dumps system-wide by setting: * hard core 0 In the /etc/security/limits.conf file and restarting applications/services/processes which users may have access to or simply reboot the system. This disables core dumps. |