Rewterz Threat Alert – Trickbot Malware – Active IOCs
June 7, 2022Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
June 8, 2022Rewterz Threat Alert – Trickbot Malware – Active IOCs
June 7, 2022Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
June 8, 2022Severity
High
Analysis Summary
CVE-2022-31026
GitHub Trilogy could allow a remote attacker to obtain sensitive information, caused by the use of uninitialized variable. By persuading a victim to connect to a specially-crafted server, an attacker could exploit this vulnerability to obtain up to 12 bytes of data from an uninitialized variable in stack memory, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-31026
Affected Vendors
GitHUB
Affected Products
GitHub Trilogy 2.1.0
Remediation
Upgrade to the latest version of Trilogy, available from the Trilogy Security Advisory.