Updates on technologies, trends, and tools
VMware Patches Critical Vulnerabilities
VMware has patched (https://nakedsecurity.sophos.com/2019/04/02/vmware-patches-pwn2own-flaws/) five critical vulnerabilities in its products. The affected products/families include vSphere ESX-i, VMware Workstation Pro/Player, and VMware Fusion Pro/Fusion.
A team of hackers called Fluoroacetate demonstrated exploitation of two flaws at the CanSecWest cybersecurity conference, which took place in Canada.
These two flaws exploited out-of-bounds read/write vulnerability and a time-of-check/time-of-use (TOCTOU) vulnerability in the virtual universal host controller interface used by ESXi, Workstation, and Fusion.
"An attacker must have access to a virtual machine with a virtual USB controller present, the advisory said, adding that it could allow a guest VM to execute code on the host system," said VMware in a security advisory. The good news is that an attacker needs access to a virtual machine with a virtual USB controller present to execute code on the host system.
Two other issues allow code execution on the host from a guest. The fifth vulnerability, which affects the Fusion product, allows an unauthenticated application programming interface (API) access to an application menu through a web socket.
If you use any of these VMware products, please update them now.
More Online
Linux Magazine
Linux Administration Focus
http://www.linux-magazine.com/tags/view/administration
Network Sleuth * Ken Hess
When it comes to network recon, arp-scan allows you to collect device intel quickly and stealthily.
The Eye of Sauron * Mayank Sharma
Use Zabbix to keep tabs on all your machines across the network.
ADMIN HPC
http://www.admin-magazine.com/HPC/
OpenMP * Jeff Layton
The HPC world is racing toward Exascale, resulting in systems with a very large number of cores and accelerators.
Porting Code to OpenACC * Jeff Layton
In previous articles, I talked about how OpenACC can help you parallelize your code and gave a few simple examples of how to use OpenACC directives, but I didn't discuss how to go about porting your code.
ADMIN Online
http://www.admin-magazine.com/
Web Perfect * Andreas Möller
Web Components let you define your own HTML tags to restructure monolithic web pages into smaller services and simplify maintenance and servicing.
Mesh Design * Abe Sharp
Enable free service mesh functionality on your Kubernetes microservice apps with Istio.
Cloud Creator * Grzegorz Juszczak
Today's OpenStack has become a mature product with automated asset configuration tools, including cloud-init, a powerful script that saves time by automatically configuring a large number of virtual servers in the cloud.
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
US / Canada
UK / Australia
Direct Download
Read full article as PDF:
Price $2.95
News
-
Microsoft Brings procmon to Linux
The creators of Windows have brought the sysinternals procmon tool to the open source operating system.
-
New KDE Slimbook Available
The makers of the KDE Slimbook have released a Ryzen-4000 powered laptop.
-
PinePhone Now Offers a Convergence Package
The makers of the Linux PinePhone are now offering a model that makes desktop/mobile convergence a reality.
-
Flutter is Coming to Linux
Google and Canonical have joined forces to bring Flutter to the Linux desktop.
-
Purism Launches a Mini PC
The makers of the Librem line of Linux-based laptops have released a mini PC.
-
openSUSE Leap 15.2 Adds AI Machine Learning
With the new release of openSUSE Leap comes some exciting new features, including machine learning.
-
Google’s Nearby Sharing Could Work with Linux
Google’s answer to Apple’s AirDrop feature is rumored to work with the Linux desktop.
-
System76 Launches Ryzen-Powered Laptop
The new System76 Serval WS includes a powerful AMD Ryzen CPU.
-
Linux Mint Drops Snap
Linux Mint has officially dropped their support for Canonical’s snap packages.
-
Lenovo Upping Their Linux Support
Lenovo is now offering full certification and Linux preinstalled hardware.