About CVE-2023-21511 – How can a local attacker read arbitrary memory? (6th May 2023)

Preface: TEE is an area on the chipset that works like a TPM, but is not physically isolated from the rest of the chip.

Background: The Trusted Execution Environment (TEE) is a secure area within the main processor. As an isolation environment, it ensures that the code and data loaded in the TEE are protected from software attacks and vulnerabilities in the Rich Execution Environment (REE).
How does Samsung Blockchain Keystore leverage the TEE? The Samsung Blockchain Keystore SDK allows your Android DApp to communicate directly with Samsung Blockchain Keystore, a preloaded feature on selected Galaxy devices.
Developers can use an API provided by the Samsung Blockchain Keystore to check if a user is ready to use Samsung Blockchain Keystore. If the user has not created a wallet yet, developers can direct the user to create a new wallet to leverage Samsung Blockchain Keystore features.

Vulnerability details: An out-of-bounds read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in the bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows a local attacker to read arbitrary memory.

Official announcement: For details, please refer to the link – https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=05

About CVE-2023-27999 (FortiADC from Fortinet): Are old vulnerabilities showing up again? (4th May 2023)

Preface: In a former design weakness, an attacker could smuggle commands using backticks in the “Name” field of the SAML Server configuration page. These commands were then executed as the root user of the underlying operating system.
This article is speculation, since the vendor did not provide technical details in this CVE record.

Background: FortiADC is an advanced Application Delivery Controller (ADC) that ensures application availability, application security, and application optimization.

For example: Configure a SAML service provider
To configure an SP, you must have the required IDP metadata file imported into FortiADC ahead of time.

  • Click User Authentication > SAML.
  • Select the SAML Service Providers tab, if it is not selected.
  • Click Create New to open the SAML Service Providers configuration editor.
  • Configure the settings.

Vulnerability details: An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
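To illustrate the CWE-78 pattern described above, here is an added example written for this page (not FortiADC's code, which is not public; the helper binary path and the function names are assumptions): the unsafe construction hands the SAML server Name field to a shell, while the hardened variant allowlists the characters of the name and passes it as a separate argv entry so no shell ever interprets it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable construction (assumed pattern): the Name field is spliced into a
 * command string destined for the shell, so backticks or $(...) inside the
 * value are expanded as commands with the privileges of the caller. */
void build_shell_cmd_vulnerable(char *out, size_t outlen, const char *name)
{
    /* "/bin/saml-sp-tool" is a hypothetical helper used only to show the pattern */
    snprintf(out, outlen, "/bin/saml-sp-tool --name %s", name);
}

/* Hardened check: a SAML SP name is accepted only if it is non-empty, bounded,
 * and made of characters that have no meaning to a shell. */
int is_safe_sp_name(const char *name)
{
    size_t len = strlen(name);
    if (len == 0 || len > 63)
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (!(isalnum(c) || c == '-' || c == '_' || c == '.'))
            return 0;
    }
    return 1;
}

/* Hardened launch preparation: the validated value goes into its own argv slot
 * for execv()-style execution, so no shell ever parses it. Returns -1 if the
 * name is rejected, 0 if argv is ready to use. */
int build_argv_safe(const char *name, const char *argv[4])
{
    if (!is_safe_sp_name(name))
        return -1;
    argv[0] = "/bin/saml-sp-tool"; /* hypothetical helper, as above */
    argv[1] = "--name";
    argv[2] = name;
    argv[3] = NULL;
    return 0;
}
```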

Official Announcement: See the link below for details – https://cve.report/CVE-2023-27999

About CVE-2023-21666: memory leak vulnerability (3rd May 2023)

Preface: The product does not sufficiently track and release allocated memory after it has been used. Such a design weakness belongs to CWE-401.

Background: Snapdragon Heterogeneous Compute SDK: provides developers with the ability to allocate work to any of the three processors on Snapdragon. The SDK provides C++ APIs for the Kryo CPU and Adreno GPU, the latter of which interacts through OpenGL and OpenCL calls.

Vulnerability details: Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics.

Solution: Official announcement, please refer to the link – https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/9968fcdd9d1c853d0c6472307510a81f5db398da

About CVE-2023-46365: Hard-coded value vs access privilege control! (2nd May 2023)

Preface: In order to avoid vulnerabilities, cloud service providers have their hands full!

Background: It was open-sourced under the name StreamX in April 2021, renamed StreamPark in August 2022, and then formally became an incubation project of the Apache Software Foundation through a vote in September.
StreamPark is a streaming application development framework. Aimed at easing the building and management of streaming applications, StreamPark provides a development framework for writing stream processing applications with Apache Flink and Apache Spark.
Apache Spark and Apache Flink are two of the most popular tools used for machine learning and data science.
Known for its speed and scalability, Apache Spark can handle a wide variety of workloads, including batch processing, stream processing, and machine learning. On the other hand, Apache Flink is designed for real-time data processing and optimized for low latency and high throughput.

Vulnerability details: Apache StreamPark (incubating): Logic error causing any account reset.

Affected products: Apache StreamPark 1.0.0 before 2.0.0

Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2022-46365

About CVE-2023-1786: cloud-init impacts Oracle Linux 8 & 9. Fix log file permissions. (27th Apr 2023)

Preface: Open source software fosters collaboration. As such, open source software will continue to play a key role in modern software development.

Background: cloud-init is a software package that automates the initialization of cloud instances during system boot. You can configure cloud-init to perform a variety of tasks. Cloud-init is a service used for customizing Linux-based operating systems in the cloud.
Cloud-init is the service that is installed inside the instance, and cloud-config is the set of scripts that are executed as soon as the instance is started. Cloud-config is the language of the scripts that cloud-init knows how to execute. cloud-init is developed and released as free software under both the GPLv3 open source license and the Apache License version 2.0.

Vulnerability details: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. (CVE-2023-1786)

Official announcement: For details, please refer to the relevant link – https://linux.oracle.com/errata/ELSA-2023-12298.html

Reference: With structured logging, your logs are relational data sets, like key/value pairs, rather than just text. Structured logging has the advantage of being more easily searched and analyzed. It can also help with keeping sensitive data out of your logs.
The most common structured logging format is JSON since it is the standard message format for every message parsing between systems and within applications.
Note that a tool is required to convert Common Event Format (CEF) to JSON.
Perhaps there is another solution that can help. For example: fix log file permissions.

About CVE-2023-30841 – Metal Kubed (27th Apr 2023)

Preface: If a website is hacked, cyber criminals don’t get access to your password. Instead, they just get access to the encrypted “hash” created from your password. Talking about hash algorithms, for example MD5, SHA1, and so on.
The length of a hash is always a constant, irrespective of the length of the input. For example, if we use the MD5 algorithm and hash two strings like “Password123” and “HelloWorld1234”, the final hash will have a fixed length.
To enforce security and protect hashes from attacks, use strong passwords and salts before hashing passwords.

Background: Metal³ works as a Kubernetes application: it runs on Kubernetes and is managed through Kubernetes interfaces. Metal³ provides bare metal host provisioning integration for Kubernetes, which Platform9 uses to deliver a truly unified operating model.

Bare Metal Operator

  • Define and manage BareMetalHost as a Custom Resource (CR) in Kubernetes
  • Handles reconciling the BareMetalHost with the Ironic API underneath

Reference:
The bmc fields contain the connection information for the BMC (Baseboard Management Controller) on the host.
The sub-fields are
• address — The URL for communicating with the BMC controller, based on the provider being used. See below for more details.
• credentialsName — A reference to a secret containing the username and password for the BMC.
• disableCertificateVerification — A boolean to skip certificate validation when true.

Vulnerability details: Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. Prior to version 0.3.0, ironic and ironic-inspector deployed within Baremetal Operator using the included deploy.sh store their .htpasswd files as ConfigMaps instead of Secrets. This causes the plain-text username and hashed password to be readable by anyone having cluster-wide read access to the management cluster, or access to the management cluster’s Etcd storage.

Solution: This issue is patched in baremetal-operator PR#1241, and is included in BMO release 0.3.0 onwards. As a workaround, users may modify the kustomizations and redeploy the BMO, or recreate the required ConfigMaps as Secrets per the instructions in baremetal-operator PR#1241.

Official details: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-30841

About CVE-2023-25512, CVE-2023-25513 & CVE-2023-25514 vulnerabilities – NVIDIA CUDA Toolkit (25th Apr 2023)

Preface: In the next generation of computing technology, perhaps this so-called next generation has already come. Any software or hardware design weakness will affect our daily life. It looks as though mankind has no choice; an intangible force pushes the world into that zone. The situation is similar to gravity on our earth.

Background: Parallel processing is a method in computing of running two or more processors (CPUs) to handle separate parts of an overall task. Breaking up different parts of a task among multiple processors will help reduce the amount of time to run a program. GPUs render images more quickly than a CPU because of their parallel processing architecture, which allows them to perform multiple calculations across streams of data simultaneously. The CPU is the brain of the operation, responsible for giving instructions to the rest of the system, including the GPU(s).

NVIDIA CUDA provides a simple C/C++ based interface. The CUDA compiler leverages parallelism built into the CUDA programming model as it compiles your program into code.
CUDA is a parallel computing platform and programming interface model created by Nvidia for the development of software which is used by parallel processors. It serves as an alternative to running simulations on traditional CPUs.

The CUDA Toolkit targets a class of applications whose control part runs as a process on a general purpose computing device, and which use one or more NVIDIA GPUs as coprocessors for accelerating single program, multiple data (SPMD) parallel jobs. Such jobs are self-contained, in the sense that they can be executed and completed by a batch of GPU threads entirely without intervention by the host process, thereby gaining optimal benefit from the parallel graphics hardware.

Vulnerability details (CVE-2023-25512, CVE-2023-25513 & CVE-2023-25514): NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.

Official announcement: Please refer to the supplier announcement for details – https://nvidia.custhelp.com/app/answers/detail/a_id/5456

About CVE-2023-21930: JSSE design weakness (24th Apr 2023)

Preface: The goal is to make internal adjustment to the design of security classes (including the SecurityManager and ClassLoader classes) to reduce the risks of creating subtle security holes in future programming.

Background: The Java Secure Socket Extension (JSSE) enables secure Internet communications. It provides a framework and an implementation for a Java version of the SSL and TLS protocols and includes functionality for data encryption, server authentication, message integrity, and optional client authentication.
JSSE provides both an application programming interface (API) framework and an implementation of that API. The JSSE API supplements the core network and cryptographic services defined by the java.security and java.net packages by providing extended networking socket classes, trust managers, key managers, SSL contexts, and a socket factory framework for encapsulating socket creation behavior. Because the SSLSocket class is based on a blocking I/O model, the Java Development Kit (JDK) includes a nonblocking SSLEngine class to enable implementations to choose their own I/O methods.

Vulnerability details: This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Impact: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1.

Official announcement: Refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2023-21930

About CVE-2023-27536 – Amazon provides alert on “libcurl” design weakness (23rd Apr 2023)

Preface: The cURL command is an important Linux tool, commonly used for data transfer and connection troubleshooting.

Background: EC2 Instance – Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 eliminates your need to invest in hardware up-front so that you can develop and deploy applications faster.
Best Practices for Building an AMI:
Check port settings as follows:

  • Linux-based AMIs – Ensure that a valid SSH port is open. The default SSH port is 22.
  • Windows-based AMIs – Ensure that an RDP port is open. The default RDP port is 3389. Also, the WinRM port (5985 by default) must be open to 10.0.0.0/16.
  • Ensure that your AMI meets all AWS Marketplace policies, including disabling root login.

Vulnerability details: An authentication bypass vulnerability exists in libcurl <8.0.0 in the connection reuse feature, which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
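The root cause above is a connection-cache match that ignores the delegation setting. The following added example (not libcurl's own code; the struct and function names are assumptions, only the CURLGSSAPI_DELEGATION_* values follow curl/curl.h) models the pre-fix reuse check beside the corrected one, which treats a changed CURLOPT_GSSAPI_DELEGATION as disqualifying the cached connection.

```c
#include <stdbool.h>
#include <string.h>

/* Values as defined in curl/curl.h for CURLOPT_GSSAPI_DELEGATION. */
#define CURLGSSAPI_DELEGATION_NONE        0
#define CURLGSSAPI_DELEGATION_POLICY_FLAG (1 << 0)
#define CURLGSSAPI_DELEGATION_FLAG        (1 << 1)

/* Minimal model of a cached connection (assumed field names; not libcurl's structs). */
struct conn {
    char host[64];
    int  port;
    char user[32];
    long gssapi_delegation; /* delegation setting in force when the connection was made */
};

struct conn make_conn(const char *host, int port, const char *user, long delegation)
{
    struct conn c;
    memset(&c, 0, sizeof c);
    strncpy(c.host, host, sizeof c.host - 1);
    strncpy(c.user, user, sizeof c.user - 1);
    c.port = port;
    c.gssapi_delegation = delegation;
    return c;
}

/* Pre-fix reuse test (modelled): host, port and user match, so a connection that was
 * negotiated with credential delegation enabled can be handed to a transfer that
 * asked for none, or the reverse. The delegation setting is never compared. */
bool conn_reusable_vulnerable(const struct conn *cached, const struct conn *wanted)
{
    return strcmp(cached->host, wanted->host) == 0 &&
           cached->port == wanted->port &&
           strcmp(cached->user, wanted->user) == 0;
}

/* Fixed reuse test: a changed CURLOPT_GSSAPI_DELEGATION value disqualifies the cached
 * connection, which is exactly what the advisory recommends. */
bool conn_reusable_fixed(const struct conn *cached, const struct conn *wanted)
{
    return conn_reusable_vulnerable(cached, wanted) &&
           cached->gssapi_delegation == wanted->gssapi_delegation;
}
```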

Official details: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-27536

About CVE-2023-2194: Design weakness found in the Linux kernel’s SLIMpro I2C device driver (21st Apr 2023)

Preface: Every day on earth, there is a vulnerable presence in the digital world. This penguin makes your life easier, though sometimes it is not good. But this is the life cycle of our digital world.

Background: This driver (X-Gene SLIMpro I2C Driver) provides support for X-Gene SLIMpro I2C device access using the APM X-Gene SLIMpro mailbox driver.

Historical details: In November 2016, AppliedMicro was acquired by MACOM.
In January 2021, X-Gene 3 was re-launched by Ampere under the eMAG family.
Ampere Computing LLC is an American fabless semiconductor company based in Santa Clara, California, that develops cloud native server microprocessors (CNPs).

Third-generation X-Gene processors were announced in 2016 and started sampling in 2017. X-Gene 3 processors are based on the Skylark microarchitecture and were fabricated on TSMC’s 16 nm process. AppliedMicro made large changes to the system architecture of the chip and some minor changes to the core. The chip design shifted from incorporating an array of accelerators on-die to offering a large set of I/O (mostly PCIe lanes) so that high-performance PCIe-based accelerators could be attached instead. In 2017 AppliedMicro sold the X-Gene assets to Ampere Computing and consequently discontinued the X-Gene line. X-Gene 3 was re-launched by Ampere under the eMAG family.

Vulnerability details: An out-of-bounds write vulnerability was found in the Linux kernel’s SLIMpro I2C device driver. The userspace “data->block[0]” variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
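The flaw above is a length byte taken from userspace and used directly as a memcpy() size. This added example (written for this page, not the driver's own code; the context struct, buffer size and function names are assumptions, while the SMBus block layout and I2C_SMBUS_BLOCK_MAX follow the kernel's i2c ABI) shows the unchecked copy beside the capped version, and a helper that reports whether a given length byte would overrun the bounce buffer without actually performing the bad copy.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* SMBus block layout (as in the kernel's i2c ABI): block[0] holds the length,
 * followed by at most I2C_SMBUS_BLOCK_MAX payload bytes. */
#define I2C_SMBUS_BLOCK_MAX 32
union i2c_smbus_data {
    uint8_t  byte;
    uint16_t word;
    uint8_t  block[I2C_SMBUS_BLOCK_MAX + 2];
};

/* Modelled driver context: the DMA bounce buffer is sized for one SMBus block.
 * Field name and size are assumptions, not copied from the real driver. */
#define DMA_BUFFER_SIZE (I2C_SMBUS_BLOCK_MAX + 2)
struct slimpro_ctx {
    uint8_t dma_buffer[DMA_BUFFER_SIZE];
};

/* Pre-fix behaviour: the user-controlled length byte drives memcpy() unchecked.
 * Only ever call this with an in-range block[0]; with a larger value the copy
 * runs past dma_buffer, which is the out-of-bounds write the CVE describes. */
int slimpro_blkwr_vulnerable(struct slimpro_ctx *ctx, const union i2c_smbus_data *data)
{
    size_t writelen = (size_t)data->block[0] + 1; /* length byte plus payload */
    memcpy(ctx->dma_buffer, data->block, writelen);
    return (int)writelen;
}

/* Reports, without performing the copy, whether a given length byte would
 * overrun dma_buffer in the unchecked version above. */
bool slimpro_blkwr_would_overflow(uint8_t len_byte)
{
    return (size_t)len_byte + 1 > DMA_BUFFER_SIZE;
}

/* Fixed behaviour: reject any block whose length exceeds the SMBus maximum
 * before it reaches memcpy(), so the bounce buffer can never be overrun. */
int slimpro_blkwr_fixed(struct slimpro_ctx *ctx, const union i2c_smbus_data *data)
{
    if (data->block[0] > I2C_SMBUS_BLOCK_MAX)
        return -EINVAL;
    return slimpro_blkwr_vulnerable(ctx, data); /* now safe: length is capped */
}
```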

Official details: Please refer to the link – https://github.com/torvalds/linux/commit/92fbb6d1296f

antihackingonline.com