Linux Vulnerabilities of the Week: August 9, 2021
1. Command injection vulnerability in RDoc 3.11 affecting Red Hat Enterprise Linux 8
Severity: Critical CVSS Score: 9.8
This is an operating system command injection in RDoc.
A remote unprivileged attacker can use the RDoc command to generate documentation for a malicious Ruby source code, and this can result in arbitrary commands execution with the privileges of the user running RDoc.
The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Syxscore Risk Alert
This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-31799
2. A use-after-free vulnerability in WebKitGTK 2.30.4
Severity: Important CVSS Score: 8.8
Due to this flaw, if a remote attacker tricks a local user into visiting a specially crafted malicious webpage, it can result in a potential data leak and further memory corruption.
The highest threat from this vulnerability is to data confidentiality and integrity.
Syxscore Risk Alert
This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack, and without privileges.
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-21775
3. A heap out-of-bounds write in net/netfilter/x_tables.c affecting Red Hat Enterprise Linux 7 and 8
Severity: Important CVSS Score: 7.8
This is a flaw in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32-bit processes on 64-bit systems.
Exploiting this flaw, a local user can gain privileges or cause a DoS through username space. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.
The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Syxscore Risk Alert
This vulnerability has a high risk as though it needs access to the same network as the device, and requires some privileges to be exploited, it can be exposed with a low complexity attack and without user interaction.
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-22555
4. An out-of-bounds memory write flaw in the Linux kernel’s joystick devices subsystem
Severity: Important CVSS Score: 7.8
Exploiting this flaw, a local user can crash the system or escalate their privileges on the system.
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Syxscore Risk Alert
This vulnerability has a high risk as though it needs access to the same network as the device, and requires some privileges to be exploited, it can be exposed with a low complexity attack and without user interaction.
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-3612
5. An infinite loop in apache-commons-compress affecting Red Hat Enterprise Linux 7 and 8
Severity: Important CVSS Score: 7.5
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial-of-service attack against services that use Compress’ SevenZ package.
The highest threat from this vulnerability is to system availability.
Syxscore Risk Alert
This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-35515
Try Linux Patching with Syxsense
Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.