Linux Vulnerabilities of the Week: May 10, 2021

1. Resource exhaustion because of receiving an invalid large TLS frame in Eclipse Jetty

Severity: Important    CVSS Score: 7.5

This is a vulnerability in Eclipse Jetty. When using SSL/TLS with Jetty, the server may receive an invalid large TLS frame that is handled incorrectly, driving CPU usage to 100%.

The highest threat from this vulnerability is to service availability.

Syxscore Risk Alert

This vulnerability is high risk because it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-28165

2. The BIND 9 vulnerability

Severity: Important    CVSS Score: 7.5

This is a flaw in BIND that causes an assertion check to fail when answering queries for DNAME records that require the DNAME to be processed to resolve itself.

The highest threat from this flaw is to system availability.

Syxscore Risk Alert

This vulnerability is high risk because it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25215

3. An SMLLexer infinite loop flaw affecting Red Hat Enterprise Linux 8

Severity: Important  CVSS Score: 7.5

This is an infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 that may lead to denial of service when performing syntax highlighting of an SML source file, as demonstrated by the input that only contains the “exception” keyword.

The highest threat from this flaw is to system availability.

Syxscore Risk Alert

This vulnerability is high risk because it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-20270

4. Unauthorized global ID reuse in Ceph (<2.20)

Severity: Important    CVSS Score: 7.2

This is an authentication flaw in Ceph. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn’t sanitize other_keys, allowing key reuse.

Because Ceph does not force old keys to be reused when generating new ones, an attacker requesting a global_id can exploit the ability of any user to request a global_id that was previously associated with another user.

The highest threat from this vulnerability is to data confidentiality and system availability.

Syxscore Risk Alert

This vulnerability is high risk: although its exploitation requires high privileges, it can be exposed over any network, with low complexity, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-20288

5. Possible request smuggling in HTTP/2 in Netty (<1.60.Final)

Severity: Medium       CVSS Score: 5.9

This is a vulnerability in Netty that allows an attacker to smuggle requests inside the application’s body as it gets downgraded from HTTP/2 to HTTP/1.1.

Syxscore Risk Alert

This vulnerability is moderate risk: although it requires a complex attack, it can be exposed over any network, with no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21295
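
The Risk Alert lists above give only the exploitability side of each score. This added example (not part of the original article) assumes the CVSS v3.1 base formula for Scope: Unchanged and finds which confidentiality/integrity/availability impact values reproduce each published score; the table and function names are illustrative.

```python
from itertools import product
from math import floor

# Metric weights from the CVSS v3.1 specification (Scope: Unchanged only).
AV = {"Network": 0.85, "Adjacent": 0.62, "Local": 0.55, "Physical": 0.2}
AC = {"Low": 0.77, "High": 0.44}
PR = {"None": 0.85, "Low": 0.62, "High": 0.27}
UI = {"None": 0.85, "Required": 0.62}
CIA = {"H": 0.56, "L": 0.22, "N": 0.0}

# Exploitability metrics and scores as listed in the five entries above.
ENTRIES = {
    "CVE-2021-28165": ("Network", "Low", "None", "None", 7.5),
    "CVE-2021-25215": ("Network", "Low", "None", "None", 7.5),
    "CVE-2021-20270": ("Network", "Low", "None", "None", 7.5),
    "CVE-2021-20288": ("Network", "Low", "High", "None", 7.2),
    "CVE-2021-21295": ("Network", "High", "None", "None", 5.9),
}


def roundup(x):
    """CVSS v3.1 Roundup: smallest one-decimal value >= x, float-safe."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (floor(i / 10000) + 1) / 10.0


def base_score(av, ac, pr, ui, c, i, a):
    """Base score for Scope: Unchanged, the scope of every entry above."""
    iss = 1 - (1 - CIA[c]) * (1 - CIA[i]) * (1 - CIA[a])
    impact = 6.42 * iss
    if impact <= 0:
        return 0.0
    exploitability = 8.22 * AV[av] * AC[ac] * PR[pr] * UI[ui]
    return roundup(min(impact + exploitability, 10))


def consistent_impacts(cve):
    """(C, I, A) triples that reproduce the score published for this CVE."""
    av, ac, pr, ui, published = ENTRIES[cve]
    return [cia for cia in product("HLN", repeat=3)
            if base_score(av, ac, pr, ui, *cia) == published]


if __name__ == "__main__":
    for cve in ENTRIES:
        print(cve, ENTRIES[cve][-1], consistent_impacts(cve))
```

For the 7.5 and 5.9 entries, exactly one impact metric is High and the other two are None. For the Ceph entry, only High on all three impacts reproduces 7.2 with Privileges Required: High.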

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.