Rewterz

Rewterz Threat Alert – IAmTheKing and the SlothfulMedia Malware – IoCs

October 19, 2020
Rewterz

Rewterz Threat Advisory – Node.js npm-user-validate module denial of service

October 20, 2020

Rewterz Threat Advisory – CVE-2020-27194 – Linux Kernel scalar32_min_max_or function denial of service

Severity

Medium

Analysis Summary

Linux Kernel is vulnerable to a denial of service, caused by the mishandling of bounds tracking in the scalar32_min_max_or function in kernel/bpf/verifier.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.

Impact

Denial of service

Affected Vendors

Linux

Affected Products

Linux Kernel 5.8.0

Remediation

Upgrade to the latest version of Linux Kernel (5.8.15 or later).

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.