Skip to main content
News

Linux Vulnerabilities of the Week: November 1, 2021

By November 2, 2021November 11th, 2022No Comments
||

Linux Vulnerabilities of the Week: November 1, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream

Severity: Important    CVSS Score: 8.8

XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in the mentioned library that allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who followed the recommendation to set up XStream’s security framework with a whitelist limited to the minimal required types are not affected.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39139

2. A heap buffer overflow in Redis

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in Redis, an open-source, in-memory database that persists on disk. In all versions of Redis with Lua scripting support, starting from 2.6, specially crafted Lua scripts can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result in heap corruption and potentially remote code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32626

3. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

It is a flaw in Containerd where container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit this vulnerability to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, this can be exposed with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Local privilege escalation via PHP-FPM affecting Red Hat Enterprise Linux 8

Severity: Important   CVSS Score: 7.8

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, this can be exposed with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21703

5. Excessive memory allocation in RTFReader in OpenJDK affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.3

This is an easily exploitable flaw in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE that allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can lead to unauthorized ability to cause a partial denial of service of Java SE, Oracle GraalVM Enterprise Edition.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a moderate risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-35559

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Leave a Reply