Linux Vulnerabilities of the Week: November 15, 2021

1. Possible Trojan Source attacks via the Unicode Specification (through 14.0)

Severity: Critical         CVSS Score: 9.8

This is a flaw in how the Unicode Bidirectional (BiDi) Algorithm (Unicode through 14.0) is applied in development environments, which have specialized requirements for rendering text: editors and code review tools display source visually, while compilers and interpreters consume the tokens in their logical byte order.

An attacker could use this to deceive a human reviewer by submitting a patch containing well-placed BiDi control characters (for example U+202E RIGHT-TO-LEFT OVERRIDE, or the isolate controls U+2066 through U+2069). Because these characters are invisible and only reorder what is rendered, the code the reviewer sees can differ from the code the compiler executes, hiding unexpected and potentially dangerous behavior from review.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability is rated critical risk because it can be exploited over the network with a low-complexity attack, requiring no privileges and no user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42574
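A practical mitigation is to reject patches that contain BiDi controls before a human looks at them. The scanner below is an added example written for this page, not code from the advisory or from any project it mentions: it decodes UTF-8, reports every BiDi override, embedding and isolate character with its position, and warns when a line ends with such a scope still open, which is the pattern used to hide code inside a comment or string. The sample source it scans is constructed for the example; the function names are illustrative.

```c
/* Added example (not code from the advisory): flag the Unicode BiDi control
 * characters abused by Trojan Source (CVE-2021-42574) in UTF-8 source text.
 * The characters are invisible when rendered, but their bytes are not. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* BiDi formatting characters that reorder rendered text:
 * U+202A LRE, U+202B RLE, U+202C PDF, U+202D LRO, U+202E RLO (embeddings and
 * overrides) and U+2066 LRI, U+2067 RLI, U+2068 FSI, U+2069 PDI (isolates). */
static int is_bidi_control(uint32_t cp)
{
    return (cp >= 0x202A && cp <= 0x202E) || (cp >= 0x2066 && cp <= 0x2069);
}

/* Decode one UTF-8 sequence starting at s[*i], advancing *i. Malformed or
 * truncated input yields U+FFFD and consumes a single byte, so the scan
 * cannot be derailed by deliberately broken encoding. */
static uint32_t utf8_next(const unsigned char *s, size_t len, size_t *i)
{
    unsigned char c = s[*i];
    size_t n;
    uint32_t cp;

    if (c < 0x80) { n = 1; cp = c; }
    else if ((c & 0xE0) == 0xC0) { n = 2; cp = c & 0x1F; }
    else if ((c & 0xF0) == 0xE0) { n = 3; cp = c & 0x0F; }
    else if ((c & 0xF8) == 0xF0) { n = 4; cp = c & 0x07; }
    else { (*i)++; return 0xFFFD; }

    if (*i + n > len) { (*i)++; return 0xFFFD; }
    for (size_t k = 1; k < n; k++) {
        unsigned char cc = s[*i + k];
        if ((cc & 0xC0) != 0x80) { (*i)++; return 0xFFFD; }
        cp = (cp << 6) | (cc & 0x3F);
    }
    *i += n;
    return cp;
}

/* Scan text and return the number of BiDi controls found. If out is
 * non-NULL, report each as line:column and warn when a line ends with an
 * override, embedding or isolate still open. */
int scan_bidi(const char *text, size_t len, FILE *out)
{
    const unsigned char *s = (const unsigned char *)text;
    size_t i = 0;
    int line = 1, col = 1, found = 0, open = 0;

    while (i < len) {
        uint32_t cp = utf8_next(s, len, &i);
        if (is_bidi_control(cp)) {
            found++;
            if (out)
                fprintf(out, "%d:%d U+%04X\n", line, col, (unsigned)cp);
            if (cp == 0x202C || cp == 0x2069) {   /* PDF / PDI close a scope */
                if (open > 0) open--;
            } else {
                open++;
            }
        }
        if (cp == '\n') {
            if (open > 0 && out)
                fprintf(out, "%d: %d BiDi scope(s) left open at end of line\n",
                        line, open);
            open = 0;
            line++;
            col = 1;
        } else {
            col++;
        }
    }
    return found;
}

/* Constructed sample in the style of the "commenting-out" attack: the
 * reviewer sees the condition end at the comment, while RLO (U+202E, bytes
 * E2 80 AE) and LRI (U+2066, bytes E2 81 A6) reorder what is displayed. */
const char SAMPLE_SOURCE[] =
    "int access_level = 0;\n"
    "if (access_level != 0 /* \xE2\x80\xAE } \xE2\x81\xA6 if (is_admin) */) {\n"
    "    grant();\n"
    "}\n";

int main(void)
{
    int n = scan_bidi(SAMPLE_SOURCE, sizeof SAMPLE_SOURCE - 1, stdout);
    printf("%d BiDi control character(s) found\n", n);
    return n != 0;   /* non-zero exit status fails a CI gate */
}
```

Wiring this into a pre-receive hook or CI job gives a hard gate that does not depend on how any particular editor renders the patch. Legitimate uses of BiDi controls in string literals (right-to-left user-facing text) will also be flagged and should be reviewed explicitly rather than allowed through silently.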

2. A heap-based buffer overflow in vim

Severity: Important    CVSS Score: 7.8

This is a heap-based buffer overflow in vim. An attacker who persuades a user to open a specially crafted file can trigger it, leading to a crash or to code execution with the privileges of the user running vim.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability is a major risk: although it requires local access and user interaction (opening the crafted file), it can be exploited by an unprivileged user with a low-complexity attack.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3778

3. Slab out-of-bounds write in the Linux kernel (< 5.13.13)

Severity: Important    CVSS Score: 7.8

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel has a slab out-of-bounds write. Input from a process that holds the CAP_NET_ADMIN capability can corrupt kernel heap memory and lead to root access.

Syxscore Risk Alert

This vulnerability is a major risk: although it requires local access, it can be exploited with a low-complexity attack by a low-privileged user and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42008

4. Out-of-bounds memory mapping in the Linux kernel (< 5.14.6) with potential privilege escalation

Severity: Important    CVSS Score: 7.8

This is a flaw in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c, the Aspeed Low Pin Count (LPC) Bus Controller driver in the Linux kernel.

A missing sanity check lets a local attacker bypass the boundary check and map pages that lie outside the memory region reserved by the driver, potentially escalating privileges, aka CID-b49a0e69a7b1.

Syxscore Risk Alert

This vulnerability is a major risk: although it requires local access, it can be exploited with a low-complexity attack by a low-privileged user and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42252
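The bug class here is a boundary check that looks only at the length of the requested mapping and ignores where in the region the caller asked it to start. The code below is an added example written for this page, not the Aspeed driver's code: it models, in plain user space, a weak check of that shape beside the strict offset-plus-length check an mmap() handler needs, and counts how many pages outside the reserved region the weak version would expose. Page units mirror the kernel's vm_pgoff and vma_pages(); the function names and the 4-page region in main are illustrative.

```c
/* Added example (not the driver's code): a user-space model of the
 * offset-plus-length boundary check an mmap() handler must perform before
 * exposing a reserved memory region (the class of bug behind
 * CVE-2021-42252). Units are pages, like vm_pgoff and vma_pages(). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Weak pattern: only the length of the requested mapping is compared with
 * the reserved region. A caller that passes a file offset near the end of
 * the region satisfies the check and is handed pages beyond it. */
bool mmap_check_weak(uint64_t pgoff, uint64_t npages, uint64_t region_pages)
{
    (void)pgoff;   /* the offset never enters the comparison */
    return npages > 0 && npages <= region_pages;
}

/* Strict pattern: the mapping must start inside the region and end inside
 * it, with the subtraction arranged so pgoff + npages can never wrap. */
bool mmap_check_strict(uint64_t pgoff, uint64_t npages, uint64_t region_pages)
{
    if (npages == 0 || pgoff >= region_pages)
        return false;                          /* empty, or starts outside */
    return npages <= region_pages - pgoff;     /* ends inside, no overflow */
}

/* Pages outside the region that the weak check would let a request map;
 * 0 means the request was in bounds anyway (or rejected by the weak check). */
uint64_t pages_leaked_by_weak_check(uint64_t pgoff, uint64_t npages,
                                    uint64_t region_pages)
{
    if (!mmap_check_weak(pgoff, npages, region_pages))
        return 0;
    if (pgoff >= region_pages)
        return npages;                         /* entirely outside */
    uint64_t remaining = region_pages - pgoff;
    return npages > remaining ? npages - remaining : 0;
}

int main(void)
{
    const uint64_t region = 4;   /* constructed: a 4-page reserved window */
    struct { uint64_t pgoff, npages; } reqs[] = {
        {0, 4}, {2, 2}, {3, 2}, {4, 1}, {UINT64_MAX, 1},
    };

    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        uint64_t off = reqs[i].pgoff, n = reqs[i].npages;
        printf("pgoff=%llu npages=%llu weak=%d strict=%d leaked=%llu\n",
               (unsigned long long)off, (unsigned long long)n,
               mmap_check_weak(off, n, region),
               mmap_check_strict(off, n, region),
               (unsigned long long)pages_leaked_by_weak_check(off, n, region));
    }
    return 0;
}
```

The ordering in mmap_check_strict matters: testing pgoff against the region first and then comparing npages with the remaining space avoids computing pgoff + npages at all, so an attacker-chosen offset near UINT64_MAX cannot wrap the sum back inside the region.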

5. Heap buffer overflow in FireDTV media card driver affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 7.8

This is a heap-based buffer overflow flaw in the FireDTV media card driver in the Linux kernel (through 5.14.13), reachable when a user calls the CA_SEND_MSG ioctl. By exploiting this vulnerability, a local user of the host machine can crash the system or escalate privileges.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability is a major risk: although it requires local access, it can be exploited with a low-complexity attack by a low-privileged user and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42739