Linux Vulnerabilities of the Week: November 1, 2021

1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream

Severity: Important    CVSS Score: 8.8

XStream is a simple library used to serialize objects to XML and back again. This flaw in XStream allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who followed the recommendation to set up XStream’s security framework with a whitelist limited to the minimal required types are not affected.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39139

2. A heap buffer overflow in Redis

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in Redis, an open-source, in-memory database that persists on disk. In all versions of Redis with Lua scripting support, starting from 2.6, specially crafted Lua scripts can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result in heap corruption and potentially remote code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32626

3. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

This is a flaw in Containerd in which container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit it to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability has a major risk: although it needs access to the same network as the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Local privilege escalation via PHP-FPM affecting Red Hat Enterprise Linux 8

Severity: Important   CVSS Score: 7.8

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk: although it needs access to the same network as the device, it can be exploited with a low-complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21703

5. Excessive memory allocation in RTFReader in OpenJDK affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.3

This is an easily exploitable flaw in Oracle Java SE and Oracle GraalVM Enterprise Edition that allows an unauthenticated attacker with network access via multiple protocols to compromise the affected product. Successful exploitation can lead to a partial denial of service of Java SE or Oracle GraalVM Enterprise Edition.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a moderate risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-35559