每日安全动态推送(7-2)

文章预览

Tencent Security Xuanwu Lab Daily News •  oss-security - CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems: https://www.openwall.com/lists/oss-security/2024/07/01/3    ・   OpenSSH的服务器在基于glibc的Linux系统上存在CVE-2024-6387漏洞，可能导致远程代码执行  –  SecTodayBot •  Pixel Tablet Dock (korlan) Secure Boot Bypass: https://oddsolutions.github.io/Pixel-Tablet-Dock-Secure-Boot-Bypass/    ・   一系列漏洞利用链，用于在Google Pixel Tablet Dock上运行自定义操作系统/未签名代码  –  SecTodayBot •  Model Extraction from Neural Networks: https://www.schneier.com/blog/archives/2024/07/model-extraction-from-neural-networks.html    ・   使用差分密码分析技术从神经网络中提取模型权重的方法  –  SecTodayBot •  Automata in Action: New Vulnerabilities Discovered in HP UEFI: https://eclypsium.com/blog/automata-in-action-new-vulnerabilities-discovered-in-hp-uefi/     ………………………………