Show newer

@lupyuen sadly it is difficult to audit the code you will use in case of complexe libraries :( still system hardening is a good practice. I will have a look at this one and see what / if some can be done to prevent such leaks from the host machine.

@lupyuen the vulnerability appears to be in the emulated e1000 card. This makes the impact of this issue much less critical since this driver is rarely used.

"Bhyve is a hypervisor for FreeBSD. This blogpost will describe how a limited OOB write vulnerability in an Adapter Emulator can be turned into code execution allowing to escape from the guest machine"

synacktiv.com/publications/esc

Singapore-based Crypto firm BitKeep hit by Dec 26 hack, more than $8 million lost ... "hacker had done so by hijacking and installing code on version 7.2.9 of the APK files available for download on the website"

straitstimes.com/singapore/sin

Show older
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.