Dark Reading Article Boards - Message Boards posted ...

Hot Topics

Editors' Choice

6

Want Your Daughter to Succeed in Cyber? Call Her John

John De Santis, CEO, HyTrust, 5/16/2018

3

Don't Roll the Dice When Prioritizing Vulnerability Fixes

Ericka Chickowski, Contributing Writer, Dark Reading, 5/15/2018

2

Why Enterprises Can't Ignore Third-Party IoT-Related Risks

Charlie Miller, Senior Vice President, The Santa Fe Group, 5/14/2018

Live Events

Webinars

Improving Enterprise Authentication: Taming the Password Beast

Malicious Insiders: Real Defense for Real Businesses

Cloud & Security Risks: How to Discover and Manage Them

Webinar Archives

White Papers

Phishing Attack Bypasses Two-Factor Authentication

Mobile Devices: The New Support Frontier for IT (IDG Report)

Cyber-Attack Security Guide

Identity and Access Management Maturity Assessment

5 Phishing Predictions

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: "Security through obscurity"

Cartoon Archive

Current Issue

How to Cope with the IT Security Skills Shortage

Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

The Dark Reading Security Spending Survey

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-11232
PUBLISHED: 2018-05-18

The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.

CVE-2017-15855
PUBLISHED: 2018-05-17

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...

CVE-2018-3567
PUBLISHED: 2018-05-17

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.

CVE-2018-3568
PUBLISHED: 2018-05-17

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.

CVE-2018-5827
PUBLISHED: 2018-05-17

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.