Skip to main content
News

Linux Vulnerabilities of the Week: July 5, 2021

By July 5, 2021November 11th, 2022No Comments
||

Linux Vulnerabilities of the Week: July 5, 2021

See this week's top Linux issues and keep your IT environment protected from the latest July Linux vulnerabilities.

1. Apache httpd mod_session heap overflow affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow. The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691

  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691

2. A use-after-free in Libxml2 (< 2.9.11)

Severity: Important    CVSS Score: 8.8

There’s a flaw in libxml2. An attacker can submit a crafted file to be processed by an application linked with libxml2 to trigger a use-after-free. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3518

3. Apache Tomcat vulnerability (incomplete fix for CVE-2020-9484)

Severity: Important  CVSS Score: 7.0

This is a flaw in Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103. When using Apache Tomcat with a configuration edge case that was highly unlikely to be used, and creating a specifically crafted request, the attacker can  trigger remote code execution via deserialization of the file under their control. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it needs access to the same network as the device, requires some privileges, and a complex attack to be exploited, it can be exposed without user interaction.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25329

4. Mozilla OpenPGP secret keys flaw

Severity: Medium       CVSS Score: 4.3

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user’s local disk. The master password protection was inactive for those keys. This vulnerability affects Thunderbird < 78.10.2. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29956

5. TELNET stack contents disclosure in curl affecting Red Hat Enterprise Linux 8

Severity: Low  CVSS Score: 3.1

This is a flaw in curl. The vulnerability in the option parser for sending NEW_ENV variables libcurl can pass uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a low risk as though it can be exposed over any network with no privileges, it requires a complex attack and user interaction to be exploited.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22898

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Leave a Reply