Skip to main content
News

Linux Vulnerabilities of the Week: November 30, 2021

By December 1, 2021November 11th, 2022No Comments
||

Linux Vulnerabilities of the Week: November 30, 2021

See this week's top Linux issues and keep your IT environment protected from the latest November Linux vulnerabilities.

1. A heap buffer overflow in Redis (>2.6)

Severity: Important    CVSS Score: 8.8

Redis is an open-source, in-memory database that persists on disk. In affected versions Specially crafted Lua scripts executing in Redis cause the heap-based Lua stack to overflow due to incomplete checks for this condition. This flaw allows a remote attacker to corrupt the heap and potentially trigger remote code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32626

2. Memory corruption in WebKitGTK affecting Red Hat Enterprise Linux 8

Severity: Important    CVSS Score: 7.8

This is a flaw in WebKitGTK. Processing maliciously crafted web content may lead to arbitrary code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device and requires user interaction, it can be exposed by an unprivileged user with a low complexity attack.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30846

3. Incorrect principal selection in OpenJDK

Severity: Medium       CVSS Score: 6.8

This is a vulnerability in the Java SE (8u301, 11.0.12, 17), Oracle GraalVM Enterprise Edition (20.3.3 and 21.2.0) product of Oracle Java SE (component: Libraries).

Exploiting this flaw, a low privileged attacker with network access via Kerberos can compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can lead to unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although requires user interaction to be exploited, it can be exposed over any network, with a low complexity attack, and low privileges. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-35567

4. Limited sandbox escape via VFS syscalls in WebKitGTK

Severity: Medium       CVSS Score: 5.3

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace.

The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined.

Syxscore Risk Alert

This vulnerability has a moderate risk as although this needs access to the same network as the device, it can be exposed with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42762

5. Server response processing flaw in Bind affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.3

This is a flaw in BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch.

The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely. This caching mechanism could be abused by an attacker to significantly degrade resolver performance.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a moderate risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25219

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Leave a Reply