Skip to main content
News

Linux Vulnerabilities of the Week: January 10, 2022

By January 10, 2022June 24th, 2022No Comments
||

Linux Vulnerabilities of the Week: January 10, 2022

See this week's top Linux issues and keep your IT environment protected from the latest January 2022 Linux vulnerabilities.

1. Mozilla iframe sandbox rules vulnerability

Severity: Critical         CVSS Score: 10.0

Due to incorrect application of iframe sandbox rules to XSLT stylesheets, an iframe can bypass restrictions such as executing scripts or navigating the top-level frame. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-38503

2. Possible buffer overflow in the mod_lua multipart parser affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 9.8

A buffer overflow flaw in httpd’s Lua module could allow an out-of-bounds write. The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-44790

3. Remote code execution in Log4j 1.x affecting Red Hat Enterprise Linux 8

Severity: Important    CVSS Score: 7.5

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker’s JNDI LDAP endpoint.

This issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached the end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires a complex attack to be exploited, it can be exposed over any network, with low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-4104

4. Read buffer overruns processing ASN.1 strings in OpenSSL

Severity: Important    CVSS Score: 7.4

It was found that OpenSSL assumed ASN.1 strings to be NUL terminated. An attacker may be able to force an application into calling OpenSSL function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial-of-Service attack, or possibly, memory disclosure.

The highest threat from this vulnerability is to data confidentiality and system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires a complex attack to be exploited, it can be exposed over any network, with no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3712

5. Python-lxml’s HTML flaw affecting Red Hat Enterprise Linux 8

Severity: Important    CVSS Score: 7.1

There’s a flaw in python-lxml’s HTML Cleaner component, which is responsible for sanitizing HTML and JavaScript.

An attacker who can submit a crafted payload to a web service using python-lxml’s HTML Cleaner may be able to trigger script execution in clients such as web browsers.

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires user interaction to be exploited, it can be exposed over any network, with a low complexity attack, and without privileges. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-43818

Leave a Reply