Home Tags Marvel

Tag: Marvel

Power Rangers film would’ve been better as a CW series

A phenomenal teen-acting ensemble gets screwed by feature-length aspirations, bad VFX.

First trailer for Netflix’s Iron Fist series is oddly bland

So far it's not breaking out of the mold like Jessica Jones and Luke Cage did.

Avengers-like team of Square Enix devs are making next Avengers game

Deal marks beginning of “multi-game” deal with Marvel.

D-Link DWR-932 B owner? Trash it, says security bug-hunter

More than 20 vulns in SOHOpeless LTE gateway If you've got a D-Link DWR-932 B LTE router, you might want to fire it into the sun – or hope that a firmware upgrade lands soon. Following the consumer broadband industry's consistently lackadaisical attitude to security, the device suffers from everything from backdoor accounts to default credentials, leaky credentials, firmware upgrade vulns and insecure UPnP. Pierre Kim outlines the litany of SOHOpelessness here, noting that many of the vulns are inherited from the Quanta LTE device that forms the basis of the badge-engineered marvel. The messes Kim found include: SSH and the telnet daemon are enabled by default, with two backdoor accounts (admin:admin, and root:1234); If an attacker sends a crafted UDP string to the appmgr program, it will launch telnetd; The Wi-Fi Protected Setup (WPS) has a hard-coded PIN (28296607); Should a user decide to generate a different temporary WPS PIN, Kim writes, it's a weak PIN because it's based on srand(time(0)); The HTTP daemon, qmiweb is a horror that inherits five vulnerabilities from the Quanta device; Its remote firmware over-the-air update mechanism uses hardcoded credentials (qdpc:qdpc, qdpe:qdpe and qdp:qdp); and For the full set of steak knives: the UPnP configuration allows any user on the LAN to add their own port forwarding rules. There's more, but the killer Kim points out is that the router has a big processor and lots of memory, and is so badly secured it would be trivial to recruit it into a botnet. Kim says he contacted D-Link in June, and with no update forthcoming, he says he obtained CERT's advice to publish the vulns. ®

RHSA-2016:1943-2: Important: kvm security update

An update for kvm is now available for Red Hat Enterprise Linux 5.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (for Kernel-based Virtual Machine) is a full virtualization solution forLinux on x86 hardware. Using KVM, one can run multiple virtual machines runningunmodified Linux or Windows images.

Each virtual machine has private virtualizedhardware: a network card, disk, graphics adapter, etc.Security Fix(es):* An out-of-bounds read/write access flaw was found in the way QEMU's VGAemulation with VESA BIOS Extensions (VBE) support performed read/writeoperations using I/O port methods.

A privileged guest user could use this flawto execute arbitrary code on the host with the privileges of the host's QEMUprocess. (CVE-2016-3710)* Quick Emulator(QEMU) built with the virtio framework is vulnerable to anunbounded memory allocation issue.
It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement results in unbounded memory allocation on the hostcontrolled by the guest. (CVE-2016-5403)Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360Marvel Team) for reporting CVE-2016-3710 and hongzhenhao (Marvel Team) forreporting CVE-2016-5403. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258Note: The procedure in the Solution section must be performed before this updatewill take effect.RHEL Desktop Multi OS (v. 5 client) SRPMS: kvm-83-276.el5_11.src.rpm     MD5: 184ec1bd563381d705aece55ff297fc9SHA-256: bee01bdf5d0265082a898780154cfdccacdf5c08a77c1fbcc531f86fc0167bd9   x86_64: kmod-kvm-83-276.el5_11.x86_64.rpm     MD5: 0de0b74e24f36856154c36665a6f2bb2SHA-256: c66d341ccba983fdd9609806746975de54133b6ef8284a8aac343e33219d734a kmod-kvm-debug-83-276.el5_11.x86_64.rpm     MD5: 0731d90a6019acaff8f9a9b497ccd711SHA-256: f8efd16e180a182604754d74f56baa86989c66248dfe9539d1a37c5e03828b80 kvm-83-276.el5_11.x86_64.rpm     MD5: 15239f782cc51109aaa127ca836e6345SHA-256: 0bf2bbdcbe0b8f3dad3533a644eeb3b275087468c1044c46490d5510774108ae kvm-debuginfo-83-276.el5_11.x86_64.rpm     MD5: 3a83aa0ff0be3c22abbcab370567cf9dSHA-256: 4bef7af13a7f6bba4cc137211d2d50b082ed66dc6373cc1cea10332a464fda31 kvm-qemu-img-83-276.el5_11.x86_64.rpm     MD5: 73b60ef46a478029a6521be2731253f3SHA-256: bef7e25d66d9d2363932a464f7e9d9370bc15dc5f247eee02c49455d7bbb36fe kvm-tools-83-276.el5_11.x86_64.rpm     MD5: 65f02b3c895cdd864e3d6f3f279a8404SHA-256: e42334787afae25919b24ddba3228aa032ed5adf6b7e54b6ef07686f8883bc92   RHEL Virtualization (v. 5 server) SRPMS: kvm-83-276.el5_11.src.rpm     MD5: 184ec1bd563381d705aece55ff297fc9SHA-256: bee01bdf5d0265082a898780154cfdccacdf5c08a77c1fbcc531f86fc0167bd9   x86_64: kmod-kvm-83-276.el5_11.x86_64.rpm     MD5: 0de0b74e24f36856154c36665a6f2bb2SHA-256: c66d341ccba983fdd9609806746975de54133b6ef8284a8aac343e33219d734a kmod-kvm-debug-83-276.el5_11.x86_64.rpm     MD5: 0731d90a6019acaff8f9a9b497ccd711SHA-256: f8efd16e180a182604754d74f56baa86989c66248dfe9539d1a37c5e03828b80 kvm-83-276.el5_11.x86_64.rpm     MD5: 15239f782cc51109aaa127ca836e6345SHA-256: 0bf2bbdcbe0b8f3dad3533a644eeb3b275087468c1044c46490d5510774108ae kvm-debuginfo-83-276.el5_11.x86_64.rpm     MD5: 3a83aa0ff0be3c22abbcab370567cf9dSHA-256: 4bef7af13a7f6bba4cc137211d2d50b082ed66dc6373cc1cea10332a464fda31 kvm-qemu-img-83-276.el5_11.x86_64.rpm     MD5: 73b60ef46a478029a6521be2731253f3SHA-256: bef7e25d66d9d2363932a464f7e9d9370bc15dc5f247eee02c49455d7bbb36fe kvm-tools-83-276.el5_11.x86_64.rpm     MD5: 65f02b3c895cdd864e3d6f3f279a8404SHA-256: e42334787afae25919b24ddba3228aa032ed5adf6b7e54b6ef07686f8883bc92   (The unlinked packages above are only available from the Red Hat Network) 1331401 - CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Surprise! House Oversight report blames OPM leadership for breach of records

OPM officials did nearly everything wrong as far as security goes and then lied about it, House Oversight Committee Republicans said in a final report on the OPM breach.Photo illustration by Sean Gallagher, based on image by Colin Feds Under Attack: OPM Breach CIA officers pulled from China because of OPM breach US counter-intel czar to hack victims: “raise shields” against spearphishing China and Russia cross-referencing OPM data, other hacks to out US spies Obama administration decides not to blame China publicly for OPM hack Government IT official ran law enforcement data systems for years with faked degrees View more storiesreader comments 19 Share this story A report from the Republican majority on the House Oversight and Government Reform Committee published today places blame for the 2014 and 2015 data breaches at the Office of Personnel Management squarely on the OPM's leadership.

The report finds that the long-time network infiltration that exposed sensitive personal information on about 21.5 million individuals could have been prevented but for "the longstanding failure of OPM's leadership to implement basic cyber hygiene." "Tools were available that could have prevented the breaches, but OPM failed to leverage those tools to mitigate the agency's extensive responsibilities," the report concluded.

And the committee's majority report also asserted that former OPM Chief Information Officer Donna Seymour lied repeatedly during her testimony, misstating how the agency responded to the breach and misleading Congress and the public about the damage done by the attack.

Ars extensively covered the shortfalls in OPM's security last year. The House Oversight report reveals that there were two separate extensive breaches—one beginning as early as November of 2013, which went undiscovered until March 2014 and was finally shut down completely two months later, allowed attackers to obtain manuals and technical information about the types of data stored in OPM systems.

A second attack began shortly afterward, targeting background investigation data, personnel records, and fingerprint data.

These breaches were determined to be likely conducted by the "Axiom Group" and "Deep Panda," respectively, two China-based hacking groups alleged to have ties to the Chinese government.

The attacks used a series of domains—some with OPM-related names (opmsecurity.org and opmlearning.org) and registered under the names of Marvel superheroes Tony Stark (Iron Man) and Steve Rogers (Captain America)—to control malware and exfiltrate stolen data. Ironically, the tool that discovered the ongoing breach, CyFIR from CyTech Services, was never actually purchased by OPM.

Though Seymour told Congress OPM had purchased licenses after a trial in a segregated test network, the tool was actually demonstrated on OPM's live network, and no licenses were ever purchased. OPM officials returned the trial software after deleting images from OPM's own incident response—images that included "more than 11,000 files and directories" of forensic data, the report noted. "Documents and testimony show CyTech provided a service to OPM and OPM did not pay," the report found, noting that this violated federal law against accepting voluntary services. The report recommended that federal agencies "must ensure agency CIOs are empowered, accountable, competent, and retained for more than the current average of two years," and that agencies promptly provide justification to Congress for continuing to use systems when their "authority to operate" (ATO)—the certification that they are operating in compliance with federal information security regulations—lapses.

Eleven of OPM's systems had been operating without an ATO at the time of the breach, in some cases for over a year or more. The report also recommended that OMB and other federal agencies move toward a "zero trust IT security model" where users on the network are treated with the same level of security as users outside the network and that agencies reduce the use of Social Security numbers in identifying employees to reduce the risk of exposure of personal identifying information. Reuters reports that Rep.

Elijah Cummings (D-Md.), the ranking minority member of the House Oversight Committee, rejected the Republicans' report, claiming factual deficiencies. Rep.

Cummings also said that the errors made by OPM's contractors were not sufficiently taken into account in the assessment.

Two OPM contractors were involved in breaches of background investigation data.

RHSA-2016:1655-1: Moderate: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise LinuxOpenStack Platform 5.0 (Icehouse) for RHEL 7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-spacecomponent for running virtual machines using KVM in environments managed by RedHat Enterprise Virtualization Manager.Security Fix(es):* Quick Emulator(Qemu) built with the Block driver for iSCSI images support(virtio-blk) is vulnerable to a heap buffer overflow issue. It could occur whileprocessing iSCSI asynchronous I/O ioctl(2) calls. A user inside guest could usethis flaw to crash the Qemu process resulting in DoS or potentially leverage itto execute arbitrary code with privileges of the Qemu process on the host.(CVE-2016-5126)* Quick emulator(Qemu) built with the virtio framework is vulnerable to anunbounded memory allocation issue. It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement and therefore causes unbounded memory allocation onthe host controlled by the guest. (CVE-2016-5403)Red Hat would like to thank hongzhenhao (Marvel Team) for reportingCVE-2016-5403. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat OpenStack 5.0 for RHEL 7 SRPMS: qemu-kvm-rhev-2.3.0-31.el7_2.21.src.rpm     MD5: 388489747503bf7e5679a1334e8edea8SHA-256: a94c0e89ace45eac3032f11f18d6d39953a42c6ee261d2d578600b9a38452dff   x86_64: libcacard-devel-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: b69cefdcf266192b300525fa2a55db44SHA-256: 757414615b1d96df3cea8c01a62ef66975eadfce01f344d8cb4205cd83e6087b libcacard-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 236884551ff81b5f896399f128998d0bSHA-256: 7c50554554d757cfed5786d347bd66191825effa36184875b0ebcf6c4a39ad79 libcacard-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: cc5e87b0e239b613dcba8c3d52de17f4SHA-256: 60d6c5f595b58134b837fcbfc38e4124c7bb7ff66bc95779a45cd6e9d89c9d3e qemu-img-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 2528cc222087bd4ee7c9a4ac8bf85d70SHA-256: 4cde725205c07e2397f86948aba8a34258d6a0200abe5e19f4825e86759962ab qemu-kvm-common-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: ff206f645105d15a1cd85c48c5962482SHA-256: 70516a1ac8707862fd95d32ecf8f4f1552f91e509bfc20e6b5570109068d00f6 qemu-kvm-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 8a92dd969c8696e7531b22fe5e1ed68fSHA-256: f3a9662980f6687eeb37e52174a0cdfed256cc38092dee7d6fbd33a764399926 qemu-kvm-rhev-debuginfo-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 9b5e3c480f49bf2eb5912bdd23b16307SHA-256: e3e9eeb357e7fb33f425308913b12601252caa00f863ba7fd36875ead3bc4e48 qemu-kvm-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 88d1ebfc3d8e0d7de2110c02e4cabb33SHA-256: 334203df05dafc3e9a043320a0a48a09bcd7bf4f0c1c5e3b1275ff0d118e52ef   (The unlinked packages above are only available from the Red Hat Network) 1340924 - CVE-2016-5126 Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHSA-2016:1654-1: Moderate: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise LinuxOpenStack Platform 6.0 (Juno) for RHEL 7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-spacecomponent for running virtual machines using KVM in environments managed by RedHat Enterprise Virtualization Manager.Security Fix(es):* Quick Emulator(Qemu) built with the Block driver for iSCSI images support(virtio-blk) is vulnerable to a heap buffer overflow issue. It could occur whileprocessing iSCSI asynchronous I/O ioctl(2) calls. A user inside guest could usethis flaw to crash the Qemu process resulting in DoS or potentially leverage itto execute arbitrary code with privileges of the Qemu process on the host.(CVE-2016-5126)* Quick emulator(Qemu) built with the virtio framework is vulnerable to anunbounded memory allocation issue. It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement and therefore causes unbounded memory allocation onthe host controlled by the guest. (CVE-2016-5403)Red Hat would like to thank hongzhenhao (Marvel Team) for reportingCVE-2016-5403. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat OpenStack 6.0 for RHEL 7 SRPMS: qemu-kvm-rhev-2.3.0-31.el7_2.21.src.rpm     MD5: 388489747503bf7e5679a1334e8edea8SHA-256: a94c0e89ace45eac3032f11f18d6d39953a42c6ee261d2d578600b9a38452dff   x86_64: libcacard-devel-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: b69cefdcf266192b300525fa2a55db44SHA-256: 757414615b1d96df3cea8c01a62ef66975eadfce01f344d8cb4205cd83e6087b libcacard-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 236884551ff81b5f896399f128998d0bSHA-256: 7c50554554d757cfed5786d347bd66191825effa36184875b0ebcf6c4a39ad79 libcacard-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: cc5e87b0e239b613dcba8c3d52de17f4SHA-256: 60d6c5f595b58134b837fcbfc38e4124c7bb7ff66bc95779a45cd6e9d89c9d3e qemu-img-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 2528cc222087bd4ee7c9a4ac8bf85d70SHA-256: 4cde725205c07e2397f86948aba8a34258d6a0200abe5e19f4825e86759962ab qemu-kvm-common-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: ff206f645105d15a1cd85c48c5962482SHA-256: 70516a1ac8707862fd95d32ecf8f4f1552f91e509bfc20e6b5570109068d00f6 qemu-kvm-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 8a92dd969c8696e7531b22fe5e1ed68fSHA-256: f3a9662980f6687eeb37e52174a0cdfed256cc38092dee7d6fbd33a764399926 qemu-kvm-rhev-debuginfo-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 9b5e3c480f49bf2eb5912bdd23b16307SHA-256: e3e9eeb357e7fb33f425308913b12601252caa00f863ba7fd36875ead3bc4e48 qemu-kvm-tools-rhev-2.3.0-31.el7_2.21.x86_64.rpm     MD5: 88d1ebfc3d8e0d7de2110c02e4cabb33SHA-256: 334203df05dafc3e9a043320a0a48a09bcd7bf4f0c1c5e3b1275ff0d118e52ef   (The unlinked packages above are only available from the Red Hat Network) 1340924 - CVE-2016-5126 Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHSA-2016:1652-1: Moderate: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise LinuxOpenStack Platform 5.0 (Icehouse) for RHEL 6.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-spacecomponent for running virtual machines using KVM in environments managed by RedHat Enterprise Virtualization Manager.Security Fix(es):* Quick emulator(Qemu) built with the virtio framework is vulnerable to anunbounded memory allocation issue. It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement and therefore causes unbounded memory allocation onthe host controlled by the guest. (CVE-2016-5403)Red Hat would like to thank hongzhenhao (Marvel Team) for reporting this issue. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat OpenStack 5.0 for RHEL 6 SRPMS: qemu-kvm-rhev-0.12.1.2-2.491.el6_8.3.src.rpm     MD5: 8c1eccc7104b05002873b3878162d968SHA-256: d4647df0eae12399431cfbed9970101576f0356b581fe3ee001c3342c9ff9378   x86_64: qemu-img-rhev-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 70bb255dc71aa02be4083e62cc817107SHA-256: 9a1daad0b7dcb7a29ce40bfd6de03b3662dae3a3111815539cfe69485942d902 qemu-kvm-rhev-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: ee56349e8709765e9f5011ba2f3409a4SHA-256: 4b5c377626441343a78763b75717dc267baa5fffe1a631f390df268d97571048 qemu-kvm-rhev-debuginfo-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 1e3698ca942da1bfd944b8aa735b6e31SHA-256: d46df1ca84c21fe43c43fed13ea343a336d553046b7d6b3ed94d837e728b69e6 qemu-kvm-rhev-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 1678171a69d510a9c031b5e11a93b94bSHA-256: 684c5348555013a4dfb3fb504988e1ff563114eaf66073d8828de3a3e04c7c0c   (The unlinked packages above are only available from the Red Hat Network) 1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHSA-2016:1585-1: Moderate: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having a security impact ofModerate.

A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems.

The qemu-kvm packages provide the user-spacecomponent for running virtual machines using KVM.Security Fix(es):* Quick emulator(Qemu) built with the virtio framework is vulnerable to anunbounded memory allocation issue.
It was found that a malicious guest usercould submit more requests than the virtqueue size permits. Processing a requestallocates a VirtQueueElement and therefore causes unbounded memory allocation onthe host controlled by the guest. (CVE-2016-5403)Red Hat would like to thank hongzhenhao (Marvel Team) for reporting this issue. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat Enterprise Linux Desktop (v. 6) SRPMS: qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm     MD5: f8cd3ce588eb83994ae2f2b8981e282eSHA-256: ca3f8f44f8609b995fd07cf50644c76342c74d47c6355f41ca693614b1921cea   IA-32: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: 4e15c40e35e31cd27c445d58fd186da4SHA-256: 2149c7573a99c3e9186ee9924f387629d2d892e9d4b0a7d05e33409ff2c5d798 qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: e1a5aae09a580819696f20b37e884324SHA-256: d7d6f64a9a98fa9c41386b4b855fa30e64e14c14f783e780adc44527db61d841   x86_64: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 53243b0a902a37e2c01e75adfbb74426SHA-256: cba5db5ce7f3aacf7afe8f86350d21918be4e57273981519d0009099a8716b5d qemu-img-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 0b76fd6f32d28cc96181cef0167a9d21SHA-256: fe5db5a73b20bf808d78c2e4e275de779a347099220a09baeeac0fb4d3d2010b qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: f3e511253678e620fffc002673376ec3SHA-256: ccdb5dcd010cef5d077ddb4d60ecaada5485631f8a180d7bc782e3093fcbc71e qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: aa5b126bc514d589678ea78b6a533d9aSHA-256: f08a0915f4a4b4e0102e47deb731e0d72488da7cc6cd2a460780661002d2ba9f qemu-kvm-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 3640fed27890a9cc206eb842bf90b749SHA-256: c611ff7f35d3fb2fd1744b12f70f56184b8512460a959a0d8f45160b72f5e9ba   Red Hat Enterprise Linux HPC Node (v. 6) SRPMS: qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm     MD5: f8cd3ce588eb83994ae2f2b8981e282eSHA-256: ca3f8f44f8609b995fd07cf50644c76342c74d47c6355f41ca693614b1921cea   x86_64: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 53243b0a902a37e2c01e75adfbb74426SHA-256: cba5db5ce7f3aacf7afe8f86350d21918be4e57273981519d0009099a8716b5d qemu-img-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 0b76fd6f32d28cc96181cef0167a9d21SHA-256: fe5db5a73b20bf808d78c2e4e275de779a347099220a09baeeac0fb4d3d2010b qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: f3e511253678e620fffc002673376ec3SHA-256: ccdb5dcd010cef5d077ddb4d60ecaada5485631f8a180d7bc782e3093fcbc71e qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: aa5b126bc514d589678ea78b6a533d9aSHA-256: f08a0915f4a4b4e0102e47deb731e0d72488da7cc6cd2a460780661002d2ba9f qemu-kvm-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 3640fed27890a9cc206eb842bf90b749SHA-256: c611ff7f35d3fb2fd1744b12f70f56184b8512460a959a0d8f45160b72f5e9ba   Red Hat Enterprise Linux Server (v. 6) SRPMS: qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm     MD5: f8cd3ce588eb83994ae2f2b8981e282eSHA-256: ca3f8f44f8609b995fd07cf50644c76342c74d47c6355f41ca693614b1921cea   IA-32: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: 4e15c40e35e31cd27c445d58fd186da4SHA-256: 2149c7573a99c3e9186ee9924f387629d2d892e9d4b0a7d05e33409ff2c5d798 qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: e1a5aae09a580819696f20b37e884324SHA-256: d7d6f64a9a98fa9c41386b4b855fa30e64e14c14f783e780adc44527db61d841   PPC: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.ppc64.rpm     MD5: aa3cbf8ad7cccb0ebd0c9bab9676fbc7SHA-256: 9ced1c1d6e4a4f0b4f66ee35a2bbc342acb0c9ecb82dfdafbecd788fee0d19be qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.ppc64.rpm     MD5: 432b563eaadd5947a40fe780eee701a2SHA-256: 180c82ac22f639bfb1845ca9cbb2dfa3fdc5c2733f99c12c7b29da7ff59d43fe   x86_64: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 53243b0a902a37e2c01e75adfbb74426SHA-256: cba5db5ce7f3aacf7afe8f86350d21918be4e57273981519d0009099a8716b5d qemu-img-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 0b76fd6f32d28cc96181cef0167a9d21SHA-256: fe5db5a73b20bf808d78c2e4e275de779a347099220a09baeeac0fb4d3d2010b qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: f3e511253678e620fffc002673376ec3SHA-256: ccdb5dcd010cef5d077ddb4d60ecaada5485631f8a180d7bc782e3093fcbc71e qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: aa5b126bc514d589678ea78b6a533d9aSHA-256: f08a0915f4a4b4e0102e47deb731e0d72488da7cc6cd2a460780661002d2ba9f qemu-kvm-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 3640fed27890a9cc206eb842bf90b749SHA-256: c611ff7f35d3fb2fd1744b12f70f56184b8512460a959a0d8f45160b72f5e9ba   Red Hat Enterprise Linux Workstation (v. 6) SRPMS: qemu-kvm-0.12.1.2-2.491.el6_8.3.src.rpm     MD5: f8cd3ce588eb83994ae2f2b8981e282eSHA-256: ca3f8f44f8609b995fd07cf50644c76342c74d47c6355f41ca693614b1921cea   IA-32: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: 4e15c40e35e31cd27c445d58fd186da4SHA-256: 2149c7573a99c3e9186ee9924f387629d2d892e9d4b0a7d05e33409ff2c5d798 qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.i686.rpm     MD5: e1a5aae09a580819696f20b37e884324SHA-256: d7d6f64a9a98fa9c41386b4b855fa30e64e14c14f783e780adc44527db61d841   x86_64: qemu-guest-agent-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 53243b0a902a37e2c01e75adfbb74426SHA-256: cba5db5ce7f3aacf7afe8f86350d21918be4e57273981519d0009099a8716b5d qemu-img-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 0b76fd6f32d28cc96181cef0167a9d21SHA-256: fe5db5a73b20bf808d78c2e4e275de779a347099220a09baeeac0fb4d3d2010b qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: f3e511253678e620fffc002673376ec3SHA-256: ccdb5dcd010cef5d077ddb4d60ecaada5485631f8a180d7bc782e3093fcbc71e qemu-kvm-debuginfo-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: aa5b126bc514d589678ea78b6a533d9aSHA-256: f08a0915f4a4b4e0102e47deb731e0d72488da7cc6cd2a460780661002d2ba9f qemu-kvm-tools-0.12.1.2-2.491.el6_8.3.x86_64.rpm     MD5: 3640fed27890a9cc206eb842bf90b749SHA-256: c611ff7f35d3fb2fd1744b12f70f56184b8512460a959a0d8f45160b72f5e9ba   (The unlinked packages above are only available from the Red Hat Network) 1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHSA-2016:1224-1: Important: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-6.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems.

The qemu-kvm-rhev package provides the user-spacecomponent for running virtual machines using KVM in environments managed by RedHat Enterprise Virtualization Manager.Security Fix(es):* An out-of-bounds read/write access flaw was found in the way QEMU's VGAemulation with VESA BIOS Extensions (VBE) support performed read/writeoperations using I/O port methods.

A privileged guest user could use this flawto execute arbitrary code on the host with the privileges of the host's QEMUprocess. (CVE-2016-3710)Red Hat would like to thank Wei Xiao (360 Marvel Team) and Qinghao Tang (360Marvel Team) for reporting this issue. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing this update, shut down all running virtual machines. Once allvirtual machines have shut down, start them again for this update to takeeffect.Red Hat Enterprise Virtualization 3 SRPMS: qemu-kvm-rhev-0.12.1.2-2.479.el6_7.5.src.rpm     MD5: 2afbf76aeaf500850ce21089ab0827a1SHA-256: ba4147116e4fa9d473aea1e976b11e06d762919a76e19738355578620a3925a6   x86_64: qemu-img-rhev-0.12.1.2-2.479.el6_7.5.x86_64.rpm     MD5: 6ed6deaf9832c5efffc0e9249aaae33aSHA-256: 641056376f8292abbdf13b1bd976a001a2c190418e2e9a3261cea6f05ab9405f qemu-kvm-rhev-0.12.1.2-2.479.el6_7.5.x86_64.rpm     MD5: 18ea43c052f77a41b0a8ef0d8b813b9aSHA-256: 47218c781001fa0042028408d2e379815d2a00ca462c1b05d615ee2f6153515e qemu-kvm-rhev-debuginfo-0.12.1.2-2.479.el6_7.5.x86_64.rpm     MD5: ca24aafcbe4329b96b9f9a6273dfbc7cSHA-256: df3eeed73a1354247f475a4a97ef809936eb958083fab5aca6e72322fa18ff16 qemu-kvm-rhev-tools-0.12.1.2-2.479.el6_7.5.x86_64.rpm     MD5: 5a16dca0d3a849a5405f59c6f1b8d605SHA-256: 36dd987e678c6a419afad88bb406d24d98722439930dd51e9ab056a2e44dd195   (The unlinked packages above are only available from the Red Hat Network) 1331401 - CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Cracker hacker 'edits' biggest subreddits

Defacer teaches r/howtohack how to hack with mass defacement spree A seemingly benign Twitter pest has popped what they claim is more than 100 Reddit subreddits including those devoted to the upcoming big ticket Battlefield One game, Marvel Studios, Star Wars, and Game of Thrones. Hugely popular subreddits including pics, and TIFU (today I f**ked up) were also defaced. In keystrokes of irony the hacker using the handle TehBVM (@TehBVM) popped the subreddit How to Hack. Their handiwork appears to be limited to defacements in which subreddit cover images and CSS are messed with to display the hacker's shout outs to other net users. hack teh pwanet https://t.co/Xiu7bdOG3O — BVM (@TehBVM) May 7, 2016 The hacker also appears to have offered moderator accounts on the hacked subreddits. Legitimate moderators have since clawed back control of their subreddits. r/StarWars: Great, kid.

Don't get cocky. No serious black hat activity that would result in compromise of users or disclosure of data appears to have occurred, making the attacks an entertaining lesson in the need for two factor authentication, a security feature that Reddit lacks. Reddit has flagged two factor authentication as a feature it aspires to implement, but is still to produce a beta. TehBVM did not reveal how he she or it compromised the accounts but denied it involved brute force attacks.
It is possible the hacker is testing breached passwords against the accounts to pop weak or reused credentials. The hacker is following in the wake of other Reddit miscreants who have punished the site for its lack of two factor authentication.

Big subreddits have been popped each year from 2013 thanks to poor and reused moderator passwords. ® Sponsored: Rise of the machines