Thursday, July 15th, 2021

Time	Event
12:49a	[$] LWN.net Weekly Edition for July 15, 2021 The LWN.net Weekly Edition for July 15, 2021 is available. (Comment on this)
12:46p	Nguyen: CVE-2021-22555: Turning \x00\x00 into 10000$ For those who appreciate detailed descriptions of how to exploit a kernel vulnerability, this report on a netfilter bug by Andy Nguyen should certainly satisfy. CVE-2021-22555 is a 15 years old heap out-of-bounds write vulnerability in Linux Netfilter that is powerful enough to bypass all modern security mitigations and achieve kernel code execution. It was used to break the kubernetes pod isolation of the kCTF cluster and won 10000$ for charity (where Google will match and double the donation to 20000$). (Comment on this)
1:36p	Security updates for Thursday Security updates have been issued by Debian (firefox-esr and php7.0), Fedora (firefox, mingw-djvulibre, and seamonkey), Gentoo (fluidsynth, openscad, and urllib3), openSUSE (ffmpeg, nodejs12, and sqlite3), Red Hat (firefox), and SUSE (ffmpeg, kernel, nodejs10, nodejs12, nodejs14, and sqlite3). (Comment on this)
2:22p	[$] GitHub is my copilot Your editor has worked in the computing field for rather longer than he cares to admit; for all of that time it has been said that a day will come when all that tedious programming work will no longer be necessary. Instead, we'll just say what we want and the computer will figure it out. Arguably, the announcement of GitHub Copilot takes us another step in that direction. On the way, though, it raises some interesting questions about copyright and free-software licensing. (Comment on this)

<< Previous Day

2021/07/15 [Calendar]

Next Day >>