Linux Vulnerabilities of the Week: September 27, 2021

Linux Vulnerabilities of the Week: September 27, 2021

1. Missing input validation in domain names in Node.js

Severity: Critical         CVSS Score: 9.8

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to Domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22931

2. WebKitGTK vulnerability affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.8

This is a use-after-free issue in WebKitGTK. Processing maliciously crafted web content may lead to arbitrary code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. Although its exploitation requires user interaction, it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30858

3. The Linux kernel vulnerability affecting Red Hat Enterprise Linux 7 and 8

Severity: Important  CVSS Score: 7.8

This is an out-of-bounds memory write flaw in the Linux kernel’s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Exploiting this flaw, a local user can crash the system or possibly escalate their privileges on the system.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. It needs access to the same network as the device, the attack is low complexity, requires low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3612

4. Possible heap buffer overflow in Vim

Severity: Important   CVSS Score: 7.8

This is a flaw in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. Although this needs access to the same network as the device, the attack is of low complexity, needs low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3770

5. Missing enforcement vulnerability in Xen

Severity: Important    CVSS Score: 7.8

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1.

Freeing such pages requires that the hypervisor enforces that no parallel request can result in the addition of a mapping of such a page to a guest. Due to the missing enforcement, local guests can retain access to pages that were freed and perhaps re-used for other purposes.

Syxscore Risk Alert

This vulnerability has a major risk. Although this needs access to the same network as the device and can be exposed only with a complex attack, it needs low privileges and no user interaction. This vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-28701

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

Recent Posts

Topics

Related Posts

In the News: Why 92% of Security Professionals Worry About Generative AI

In the News: Why 92% of Security Professionals Worry About Generative AI

April 16, 2024
In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

March 29, 2024
In the News: Navigating the new landscape: Understanding and implementing NIST CSF 2.0

In the News: Navigating the new landscape: Understanding and implementing NIST CSF 2.0

March 27, 2024
Syxsense Selected for 2024 CRN Partner Program Guide

Syxsense Selected for 2024 CRN Partner Program Guide

March 25, 2024