
Linux Vulnerabilities of the Week: November 22, 2021
See this week's top Linux issues and keep your IT environment protected from the latest November Linux vulnerabilities.
1. Out-of-bounds write to memory in FreeRDP
Severity: Important   CVSS Score: 8.8
This is a flaw in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP) released under the Apache license.
In affected versions, a malicious server can send specially crafted graphics updates to a client to cause an out-of-bounds write in client memory. This could ultimately allow arbitrary code to be executed on the target system.
The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
Syxscore Risk Alert
This vulnerability poses a major risk: although it requires user interaction, it can be exploited over any network, with low complexity and without privileges.
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-41160
2. SVM-nested virtualization issue in KVM
Severity: Important   CVSS Score: 8.8
This is a flaw in KVM’s AMD code for supporting SVM-nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn or handle a nested guest (L2). Due to improper validation of the “int_ctl” field, a malicious L1 could enable AVIC (Advanced Virtual Interrupt Controller) support for the L2 guest. As a result, the L2 guest would be allowed to read and write physical pages of the host, resulting in a crash of the entire system, a leak of sensitive data, or a potential guest-to-host escape.
The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
Syxscore Risk Alert
This vulnerability poses a major risk: although it requires local access to the device, it can be exploited with a low-complexity attack, low privileges, and no user interaction. In addition, the changed jump point means the vulnerability allows a lateral attack.
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope (Jump Point): Changed
CVE Reference(s): CVE-2021-3653
3. Possible trojan source attacks in the Unicode Specification (through 14.0)
Severity: Important   CVSS Score: 8.3
This is a flaw in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text.
An attacker could use this to deceive a human reviewer by creating a malicious patch containing well-placed BiDi characters. The special handling and rendering of those characters can then be used in an attempt to hide unexpected and potentially dangerous behavior from the reviewer.
The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
Syxscore Risk Alert
This vulnerability poses a major risk: although it requires a complex attack and user interaction to be exploited, it can be exploited over any network with no privileges. In addition, the changed jump point means the vulnerability allows a lateral attack.
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope (Jump Point): Changed
CVE Reference(s): CVE-2021-42574
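A review-time check for the BiDi characters described in item 3, as an added example that is not part of the original advisory: it scans source text for Unicode bidirectional control characters and flags lines where an embedding, override or isolate is still open at the end of the line. The function name scan_source and the sample text are constructed for illustration.

```python
import unicodedata

# Unicode bidirectional control characters relevant to CVE-2021-42574:
# embeddings and overrides, isolates, and their terminators.
BIDI_OPENERS = {"\u202a", "\u202b", "\u202d", "\u202e"}   # LRE RLE LRO RLO
BIDI_ISOLATES = {"\u2066", "\u2067", "\u2068"}            # LRI RLI FSI
PDF, PDI = "\u202c", "\u2069"                             # terminators
BIDI_CONTROLS = BIDI_OPENERS | BIDI_ISOLATES | {PDF, PDI}


def scan_source(text):
    """Return one finding per line that contains BiDi control characters.

    Each finding is (line_number, [character names], unterminated), where
    unterminated is True when an embedding, override or isolate is still
    open at the end of the line, so the rendered order of the remaining
    text on that line can differ from its logical order.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        names, open_embed, open_isolate = [], 0, 0
        for ch in line:
            if ch not in BIDI_CONTROLS:
                continue
            names.append(unicodedata.name(ch))
            if ch in BIDI_OPENERS:
                open_embed += 1
            elif ch in BIDI_ISOLATES:
                open_isolate += 1
            elif ch == PDF:
                open_embed = max(0, open_embed - 1)
            else:  # PDI: treated here as closing the latest isolate
                open_isolate = max(0, open_isolate - 1)
        if names:
            findings.append((lineno, names, open_embed + open_isolate > 0))
    return findings


# Constructed sample input (not taken from any real project).
SAMPLE = (
    "total = 0\n"
    "# note \u202eunterminated override\n"
    "label = '\u2067abc\u2069'  # balanced isolate\n"
)

if __name__ == "__main__":
    for lineno, names, unterminated in scan_source(SAMPLE):
        print(lineno, names, "UNTERMINATED" if unterminated else "balanced")
```

Run over the changed files of a patch before human review, any finding is worth a look, and an unterminated one is the stronger signal.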
4. A heap-based buffer overflow in vim
Severity: Important   CVSS Score: 7.8
This is a flaw in vim. An attacker can supply a specially crafted file to trigger a possible heap-based buffer overflow, leading to a system crash or code execution.
The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
Syxscore Risk Alert
This vulnerability poses a major risk: although it requires local access to the device and user interaction, it can be exploited with a low-complexity attack and without privileges.
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-3778
5. Remote crash in RSA decryption affecting Red Hat Enterprise Linux 8
Severity: Important   CVSS Score: 7.5
This is a flaw in the way nettle’s RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext, leading to an application crash and denial of service.
The highest threat from this vulnerability is to system availability.
Syxscore Risk Alert
This vulnerability poses a high risk, as it can be exploited over any network, with low complexity, no privileges, and no user interaction.
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope (Jump Point): Unchanged
CVE Reference(s): CVE-2021-3580