Top Linux Vulnerabilities for January

1. Samba update for Amzn2 (Amazon AWS), Red Hat Enterprise 7 and Oracle Linux 7

Vendor Severity: Critical
CVSS Score: 10

A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318)

A null pointer dereference flaw was found in Samba’s winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323)

A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472)

CVE Reference(s): CVE-2020-14318, CVE-2020-14323, CVE-2020-1472.

 

2. Kernel update for Oracle Linux 6 & 7

Vendor Severity: Moderate
CVSS Score: 9.8

A heap-based buffer overflow was discovered in the Linux kernel. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices’ country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.

CVE Reference(s): CVE-2019-14895, CVE-2020-10711, CVE-2020-12464, CVE-2020-12652, CVE-2019-19447, CVE-2019-19037, CVE-2020-14305, CVE-2020-25668, CVE-2020-28915, CVE-2020-28974, CVE-2019-20934, CVE-2020-15436, CVE-2020-14351, CVE-2020-25705.

 

3. Security update for SUSE Manager Client Tools

Vendor Severity: Moderate
CVSS Score: 9.8

In SaltStack through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.

CVE Reference(s): CVE-2020-25592

 

4. Security update for python36 on SUSE Linux Enterprise Server 12-SP5

Vendor Severity: Important
CVSS Score: 9.8

Python testsuite calls eval () on content received via HTTP. If an attacker can compromise the pythontest.net server, they gain arbitrary code execution on all buildbots.

If an attacker has control over the network connection of a machine running the Python test suite, they gain arbitrary code execution to the entire system.

CVE Reference(s): CVE-2019-18348, CVE-2019-20916, CVE-2020-27619

 

5. Libproxy update for Ubuntu 20.10, 20.04 LTS, 18.04 LTS and 16.04 LTS

Vendor Severity: Medium
CVSS Score: 9.8

libproxy incorrectly handled certain PAC files delivered from a Windows 10 device. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

CVE Reference(s): CVE-2020-26154

 

6. Security update for Mozilla Thunderbird for SUSE Linux Enterprise Workstation Extension 15-SP2 and Red Hat Enterprise 5,6,7 and 8

Vendor Severity: Critical
CVSS Score: 8.8

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.

CVE Reference(s): CVE-2020-16042, CVE-2020-26970, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974, CVE-2020-26978, CVE-2020-35111, CVE-2020-35112, CVE-2020-35113.

Experience the Power of Syxsense

Syxsense is a cloud-based solution that helps organizations manage and secure their endpoints with ease. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.