Updates on technologies, trends, and tools
VMware Patches Critical Vulnerabilities
VMware has patched (https://nakedsecurity.sophos.com/2019/04/02/vmware-patches-pwn2own-flaws/) five critical vulnerabilities in its products. The affected products/families include vSphere ESX-i, VMware Workstation Pro/Player, and VMware Fusion Pro/Fusion.
A team of hackers called Fluoroacetate demonstrated exploitation of two flaws at the CanSecWest cybersecurity conference, which took place in Canada.
These two flaws exploited out-of-bounds read/write vulnerability and a time-of-check/time-of-use (TOCTOU) vulnerability in the virtual universal host controller interface used by ESXi, Workstation, and Fusion.
"An attacker must have access to a virtual machine with a virtual USB controller present, the advisory said, adding that it could allow a guest VM to execute code on the host system," said VMware in a security advisory. The good news is that an attacker needs access to a virtual machine with a virtual USB controller present to execute code on the host system.
Two other issues allow code execution on the host from a guest. The fifth vulnerability, which affects the Fusion product, allows an unauthenticated application programming interface (API) access to an application menu through a web socket.
If you use any of these VMware products, please update them now.
More Online
Linux Magazine
Linux Administration Focus
http://www.linux-magazine.com/tags/view/administration
Network Sleuth * Ken Hess
When it comes to network recon, arp-scan allows you to collect device intel quickly and stealthily.
The Eye of Sauron * Mayank Sharma
Use Zabbix to keep tabs on all your machines across the network.
ADMIN HPC
http://www.admin-magazine.com/HPC/
OpenMP * Jeff Layton
The HPC world is racing toward Exascale, resulting in systems with a very large number of cores and accelerators.
Porting Code to OpenACC * Jeff Layton
In previous articles, I talked about how OpenACC can help you parallelize your code and gave a few simple examples of how to use OpenACC directives, but I didn't discuss how to go about porting your code.
ADMIN Online
http://www.admin-magazine.com/
Web Perfect * Andreas Möller
Web Components let you define your own HTML tags to restructure monolithic web pages into smaller services and simplify maintenance and servicing.
Mesh Design * Abe Sharp
Enable free service mesh functionality on your Kubernetes microservice apps with Istio.
Cloud Creator * Grzegorz Juszczak
Today's OpenStack has become a mature product with automated asset configuration tools, including cloud-init, a powerful script that saves time by automatically configuring a large number of virtual servers in the cloud.
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
News
-
The First Point Release For Ubuntu 22.04 is Now Available
Canonical has released the first point upgrade for Jammy Jellyfish which includes important new toolchains and fixes.
-
Kali Linux 2022.3 Released
From the creators of the most popular penetration testing distributions on the planet, comes a new release with some new tools and a community, real-time chat option.
-
The 14" Pinebook Pro Linux Laptop is Shipping
After a considerable delay, the 14" version of the Pinebook Pro laptop is, once again, available for purchase.
-
OpenMandriva Lx ROME Technical Preview Released
OpenMandriva’s rolling release distribution technical preview has been released for testing purposes and adds some of the latest/greatest software into the mix.
-
Linux Mint 21 is Now Available
The latest iteration of Linux Mint, codenamed Vanessa, has been released with a new upgrade tool and other fantastic features.
-
Firefox Adds Long-Anticipated Feature
Firefox 103 has arrived and it now includes a feature users have long awaited…sort of.
-
System76 Refreshes Their Popular Oryx Pro Laptop with a New CPU
The System76 Oryx Pro laptop has been relaunched with a 12th Gen CPU and more powerful graphics options.
-
Elive Has Released a New Beta
The Elive team is proud to announce the latest beta version (3.8.30) of its Enlightenment-centric Linux distribution.
-
Rocky Linux 9 Has Arrived
The latest iteration of Rocky Linux is now available and includes a host of new features and support for new architecture.
-
Slimbook Executive Linux Ultrabook Upgrading Their CPUs
The Spanish-based company, Slimbook, has made available their next generation Slimbook Executive Linux ultrabooks with a 12th Gen Intel Alder Lake CPU.