Top Linux Vulnerabilities for November 2021

1. Buffer overflow in Golang (<1.16.9)

Severity: Critical         CVSS Score: 9.8

This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments.

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-38297

2. Apache HTTP server vulnerability

Severity: Critical         CVSS Score: 9.8

This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could use to map URLs to files outside the directories configured by Alias-like directives. This flaw could also leak the source of interpreted files like CGI scripts.

If files outside of the mentioned directories are not protected by the usual default configuration “require all denied”, the attacker’s requests can succeed. If CGI scripts are also enabled for these aliased paths, this could result in remote code execution.
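The three conditions described above (affected version, missing "require all denied" on the filesystem root, CGI enabled) can be checked against a server's configuration. The following is an added example, not code from the original article or from the Apache project; the sample configuration, finding labels and function names are constructed for illustration, and the check is a heuristic that does not follow Include directives.

```python
import re

AFFECTED_VERSIONS = {"2.4.49", "2.4.50"}  # versions named in the text above

# Constructed sample configuration (not taken from a real host).
SAMPLE_CONF = """\
ServerRoot "/etc/httpd"
LoadModule cgid_module modules/mod_cgid.so
<Directory />
    AllowOverride none
    # Require all denied
    Require all granted
</Directory>
Alias /icons/ "/usr/share/httpd/icons/"
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
"""

def strip_comments(conf):
    """Drop full-line comments so disabled directives are ignored."""
    return "\n".join(
        line for line in conf.splitlines() if not line.lstrip().startswith("#")
    )

def root_denied(conf):
    """True only if <Directory /> exists and every 'Require all' in it is 'denied'."""
    block = re.search(r'<Directory\s+"?/"?\s*>(.*?)</Directory>', conf, re.S | re.I)
    if not block:
        return False
    values = re.findall(r"^\s*Require\s+all\s+(\w+)", block.group(1), re.M | re.I)
    return bool(values) and {v.lower() for v in values} == {"denied"}

def audit(version, conf):
    """Return the list of conditions from the advisory that hold for this server."""
    conf = strip_comments(conf)
    findings = []
    if version in AFFECTED_VERSIONS:
        findings.append("affected-version")
    if not root_denied(conf):
        findings.append("root-not-denied")
    cgi = r"^\s*(ScriptAlias(Match)?|LoadModule\s+cgid?_module)\b"
    if re.search(cgi, conf, re.M | re.I):
        findings.append("cgi-enabled")
    return findings

if __name__ == "__main__":
    print(audit("2.4.49", SAMPLE_CONF))
```

A server reporting all three findings matches the worst case the advisory describes; upgrading clears the first, and restoring the default deny on the root directory clears the second.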

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42013

3. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

This is a flaw in Containerd in which container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit this vulnerability to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.
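To support the "update directory permissions" mitigation, the following added example (not from the original article or from the Containerd project) lists directories that users outside the owner and group can read or traverse. The directory names in the sample tree are made up, and the root path to scan is an assumption you supply from your own Containerd configuration.

```python
import os
import stat
import tempfile

def world_accessible_dirs(root, max_depth=2):
    """List (path, mode) for directories under root that users outside the owner
    and group can read or traverse. Symlinks are not followed."""
    root = os.path.abspath(root)
    base = root.count(os.sep)
    findings = []
    for dirpath, dirnames, _ in os.walk(root, followlinks=False):
        if dirpath.count(os.sep) - base >= max_depth:
            dirnames[:] = []  # do not descend further
        mode = stat.S_IMODE(os.lstat(dirpath).st_mode)
        if mode & (stat.S_IROTH | stat.S_IXOTH):
            findings.append((os.path.relpath(dirpath, root), oct(mode)))
    return sorted(findings)

def build_sample_tree():
    """Constructed stand-in for a container root directory (names are made up)."""
    root = tempfile.mkdtemp(prefix="ctr-audit-")
    for name, mode in (("bundle-a", 0o711), ("bundle-b", 0o700), ("plugin-x", 0o755)):
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)  # chmod explicitly; mkdir's mode is subject to umask
    os.chmod(root, 0o700)
    return root

if __name__ == "__main__":
    for path, mode in world_accessible_dirs(build_sample_tree()):
        print(mode, path)
```

Run it as root against the root and state directories set in your Containerd configuration so the walk can enter restricted directories; any path it reports is reachable by unprivileged local users.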

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Integer overflow in strongSwan (< 5.9.4)

Severity: Important   CVSS Score: 7.5

This is a remote integer overflow in the in-memory certificate cache in strongSwan. The overflow happens upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries.

The code tries to select a less-often-used cache entry by generating random numbers, but these attempts do not give a result. Remote code execution might be a slight possibility.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41991

5. OpenJDK vulnerability affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 6.8

This is an easily exploitable flaw that allows a low-privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. To be successful, attacks require human interaction from a person other than the attacker.

While the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products and lead to unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk: although it requires some privileges and user interaction to be exploited, it can be exposed over any network with a low-complexity attack. In addition, it allows a lateral attack because of the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-35567
