Linux Vulnerabilities of the Week: July 5, 2021

1. Apache httpd mod_session heap overflow affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow. The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691

2. A use-after-free in Libxml2 (< 2.9.11)

Severity: Important    CVSS Score: 8.8

There’s a flaw in libxml2. An attacker can submit a crafted file to be processed by an application linked with libxml2 to trigger a use-after-free. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3518

3. Apache Tomcat vulnerability (incomplete fix for CVE-2020-9484)

Severity: Important  CVSS Score: 7.0

This is a flaw in Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103. When Apache Tomcat is used with a configuration edge case that was highly unlikely to be used, an attacker can send a specifically crafted request and trigger remote code execution via deserialization of a file under their control. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk: although it needs access to the same network as the device, requires some privileges, and needs a complex attack to be exploited, it can be exposed without user interaction.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25329

4. Mozilla OpenPGP secret keys flaw

Severity: Medium       CVSS Score: 4.3

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user’s local disk. The master password protection was inactive for those keys. This vulnerability affects Thunderbird < 78.10.2. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29956

5. TELNET stack contents disclosure in curl affecting Red Hat Enterprise Linux 8

Severity: Low  CVSS Score: 3.1

This is a flaw in curl. Because of a vulnerability in the option parser for sending NEW_ENV variables, libcurl can pass uninitialized data from a stack-based buffer to the server. This issue can reveal sensitive internal information to the server over a clear-text network protocol. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a low risk: although it can be exposed over any network with no privileges, it requires a complex attack and user interaction to be exploited.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22898
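The affected version ranges quoted in the five entries above can be turned into a simple inventory check. The following is an added example, not Syxsense's code or any of the upstream projects' tooling; it assumes a hypothetical inventory format of one "host component version" line per package, the hostnames and versions in the sample are constructed, and the ranges are the upstream ones from the entries (curl is left out because the digest gives no version range for it). Tomcat's milestone versions (9.0.0.M1, 10.0.0-M4) are parsed so that a milestone sorts before the matching final release.

```python
# Added example (not Syxsense's code): a version-range check against the
# upstream affected ranges quoted in the five entries above. Inventory lines
# are constructed sample data, not real hosts.
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int, int, Tuple[int, int]]

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:[.-]M(\d+))?$")


def parse_version(text: str) -> Version:
    """Parse '2.4.46', '9.0.0.M1' or '10.0.0-M4' into a comparable tuple.

    Numeric parts are padded to four fields; a milestone (M<n>) sorts before
    the corresponding final release, so 10.0.0-M4 < 10.0.0.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(x) for x in m.group(1).split(".")]
    if len(nums) > 4:
        raise ValueError(f"too many version fields: {text!r}")
    nums += [0] * (4 - len(nums))
    pre = (0, int(m.group(2))) if m.group(2) else (1, 0)
    return (nums[0], nums[1], nums[2], nums[3], pre)


# (low, high, high_inclusive) ranges taken from the entries above.
# curl (CVE-2021-22898) is omitted because the digest gives no version range.
AFFECTED = {
    "httpd": ("CVE-2021-26691", [("2.4.0", "2.4.46", True)]),
    "libxml2": ("CVE-2021-3518", [("0", "2.9.11", False)]),  # "< 2.9.11"
    "tomcat": ("CVE-2021-25329", [
        ("10.0.0-M1", "10.0.0-M4", True),
        ("9.0.0.M1", "9.0.34", True),
        ("8.5.0", "8.5.54", True),
        ("7.0.0", "7.0.103", True),
    ]),
    "thunderbird": ("CVE-2021-29956", [("78.8.1", "78.10.1", True)]),
}


def is_affected(component: str, version: str) -> Optional[str]:
    """Return the CVE id if `version` of `component` falls in an affected range."""
    if component not in AFFECTED:
        return None
    cve, ranges = AFFECTED[component]
    v = parse_version(version)
    for low, high, inclusive in ranges:
        lo, hi = parse_version(low), parse_version(high)
        if lo <= v and (v <= hi if inclusive else v < hi):
            return cve
    return None


def scan_inventory(lines: List[str]) -> List[Tuple[str, str, str, str]]:
    """Scan 'host component version' lines; return (host, component, version, cve) hits."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        host, component, version = parts
        cve = is_affected(component, version)
        if cve:
            hits.append((host, component, version, cve))
    return hits


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = [
    "web01 httpd 2.4.46",
    "web02 httpd 2.4.48",
    "app01 tomcat 9.0.0.M1",
    "app02 tomcat 10.0.0",
    "xml01 libxml2 2.9.10",
    "mail01 thunderbird 78.10.2",
]

if __name__ == "__main__":
    for host, comp, ver, cve in scan_inventory(SAMPLE_INVENTORY):
        print(f"{host}: {comp} {ver} is in the affected range for {cve}")
```

One caveat when using a check like this on distribution packages: Red Hat and other vendors backport fixes without changing the upstream version number, so a Red Hat Enterprise Linux 8 httpd that still reports 2.4.x may already carry the fix. For distro packages, compare the package release (the `rpm -q` NEVRA) against the distribution's own advisory rather than against the upstream ranges; the upstream ranges are the right reference for software built from source or vendored into containers.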

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.