Linux Vulnerabilities of the Week: February 1, 2021

Linux Vulnerabilities of the Week: February 1, 2021

1. Security update for rubygem-nokogiri for SUSE OpenStack Cloud Crowbar 8 & 9, and SUSE OpenStack Cloud 7

Vendor Severity: Important
CVSS Score: 9.8

This update for rubygem-nokogiri fixes the following issues:

  • Fixed a command injection vulnerability
  • Fixed an XXE vulnerability in Nokogiri::XML::Schema

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and privileges without user interaction.  Although the latest CVE carries a CVSS score of 4.3, the previous CVSS of 9.8 should determine the importance of this update on your latest deployment cycle.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Requires: Low
  • User Interaction: None
  • Scope (Jump Point): No

CVE Reference(s): CVE-2019-5477, CVE-2020-26247

2. Xstream update for Amazon Linux 2

Vendor Severity: Important
CVSS Score: 8.8

XStream before version 1.4.14 is vulnerable to Remote Code Execution.  The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream.

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and privileges without user interaction.  According to some GitHub articles, this vulnerability could be used as a jump point – which means once they expose the environment using this bug, they can move laterally within the OS.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Requires: Low
  • User Interaction: None
  • Scope (Jump Point): No

CVE Reference(s): CVE-2020-26217

3. Enterprise kernel update for Oracle Linux 7

Vendor Severity: Important
CVSS Score: 8.8

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and privileges without user interaction.   The most serious of these risks is the Jump Point (scope), which allow a hack to move laterally within the OS, in this case anywhere outside of the OS Kernel.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Requires: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

CVE Reference(s): CVE-2020-29568, CVE-2020-29569, CVE-2020-28374

4. libxstream-java update for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS

Vendor Severity: Medium
CVSS Score: 8.8

A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks.  A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream.

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and privileges without user interaction.   The most serious of these risks is the Jump Point (scope) exposed by CVE-2020-26259 which allows a hacker to jump from Java to another OS component.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Requires: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

CVE Reference(s): CVE-2020-26217, CVE-2020-26259, CVE-2020-26258

5. net-snmp security update for Red Hat Enterprise Linux 7.4, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

Vendor Severity: Important
CVSS Score: 8.8

A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a significant risk although slightly less as local access would be needed to expose this bug.  It has low attack complexity and privileges without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Requires: Low
  • User Interaction: None
  • Scope (Jump Point): No

CVE Reference(s): CVE-2020-15862

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

Recent Posts

Topics

Related Posts

In the News: Why 92% of Security Professionals Worry About Generative AI

In the News: Why 92% of Security Professionals Worry About Generative AI

April 16, 2024
In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

March 29, 2024
In the News: Navigating the new landscape: Understanding and implementing NIST CSF 2.0

In the News: Navigating the new landscape: Understanding and implementing NIST CSF 2.0

March 27, 2024
Syxsense Selected for 2024 CRN Partner Program Guide

Syxsense Selected for 2024 CRN Partner Program Guide

March 25, 2024