Monthly Archives: November 2009

CVE-2009-4031 (linux_kernel)

The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.

Paul’s Security Weekly – Episode 176 Part 1 – November 19, 2009

In Part one of the episode we interview the CTO of Cenzic, Lars Ewe. Paul butchers the pronunciation of his last name, but Lars sticks around to talk shop, discuss web application vulnerabilities, same origin polices, and the recent controversey over the latest trends report.

Full Show Notes

Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez

Paul’s Security Weekly – Episode 174 Part 2 – November 5, 2009

Larry finishes up a tech segment on Mass 0wnage with Jaseger and complimentary tools, and we discuss the stories of the week, including why MS patch Tuesday is a bad idea and tons of other hacks, tips, ticks, and security fail.

Full Show Notes

Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez

Paul’s Security Weekly – Episode 173 Part 1 – October 29, 2009

Paul, Larry, John, Mick, and Carlos are joined by a wide array of guests, including Anthony Jacobin (talking about Barcrawl a tool for scouring pastebin for interesting stuff), the entire Security Justice crew, Jack Daniel, and last, but not least (at least that's what we tell him) intern Darren!

Full Show Notes

Hosts: Larry "HaxorTheMatrix" Pesce, Paul Asadoorian, John Strand, Mick Douglas, Carlos "Dark0perator" Perez