Skip to main content
Tag

Linux

||

Top Linux Vulnerabilities for November 2021

By NewsNo Comments

Top Linux Vulnerabilities for November 2021

Explore the top Linux vulnerabilities for November 2021 and find out the best solution for managing these threats.

[vc_empty_space]
[vc_single_image image=”341970″ img_size=”full”]

1. Buffer overflow in Golang (<1.16.9)

Severity: Critical         CVSS Score: 9.8

This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments.

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-38297

 

[dt_divider style=”thin” /]

 

2. Apache HTTP server vulnerability

Severity: Critical         CVSS Score: 9.8

This is a path transversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could use to map URLs to files outside the directories configured by Alias-like directives. This flaw could also leak the source of interpreted files like CGI scripts.

If files outside of the mentioned directories are not protected by the usual default configuration “require all denied”, the attacker’s requests can succeed. If CGI scripts are also enabled for these aliased paths, this could result in remote code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

 Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42013

 

[dt_divider style=”thin” /]

 

3. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

It is a flaw in Containerd where container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit this vulnerability to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

 

[dt_divider style=”thin” /]

 

4. Integer overflow in strongSwan (< 5.9.4 )

Severity: Important   CVSS Score: 7.5

The is a remote integer overflow in the in-memory certificate cache in strongSwan. The overflow happens upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries.

The attempts of code to select a less-often-used cache entry by generating random numbers don’t give results. Remote code execution might be a slight possibility.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41991

 

[dt_divider style=”thin” /]

 

5. OpenJDK vulnerability affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 6.8

This is an easily exploitable flaw that allows a low-privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. To be successful, attacks require human interaction from a person other than the attacker.

While the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products and lead to unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as though this requires some privileges and user interaction to be exploited, it can be exposed over any network, with a low complexity attack. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-35567

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css=”.vc_custom_1612806115444{padding-right: 150px !important;padding-left: 150px !important;}”]
||

Linux Vulnerabilities of the Week: November 1, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: November 1, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream

Severity: Important    CVSS Score: 8.8

XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in the mentioned library that allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. Users who followed the recommendation to set up XStream’s security framework with a whitelist limited to the minimal required types are not affected.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39139

2. A heap buffer overflow in Redis

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in Redis, an open-source, in-memory database that persists on disk. In all versions of Redis with Lua scripting support, starting from 2.6, specially crafted Lua scripts can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result in heap corruption and potentially remote code execution.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32626

3. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

It is a flaw in Containerd where container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit this vulnerability to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, this can be exposed with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

4. Local privilege escalation via PHP-FPM affecting Red Hat Enterprise Linux 8

Severity: Important   CVSS Score: 7.8

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, this can be exposed with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21703

5. Excessive memory allocation in RTFReader in OpenJDK affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.3

This is an easily exploitable flaw in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE that allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can lead to unauthorized ability to cause a partial denial of service of Java SE, Oracle GraalVM Enterprise Edition.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a moderate risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-35559

Watch the October Linux Webcast 2021

By VideoNo Comments

Watch the Webcast: October Linux Patching 2021

Watch this month's webcast to hear IT industry experts discuss strategies for tackling the biggest Linux updates.

[vc_empty_space]
[vc_single_image image=”365777″ img_size=”full” css_animation=”fadeIn”]
[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

View the Webcast

What You Need to Know: Linux Patching October 2021

[ultimate_video video_type=”vimeo_video” vimeo_video_url=”https://vimeo.com/639239254″ vimeo_autoplay=”” vimeo_loop=”” vimeo_intro_title=”” vimeo_intro_portrait=”” vimeo_intro_byline=”” thumbnail=”custom” custom_thumb=”id^365930|url^https://www.syxsense.com/wp-content/uploads/2021/10/Linux-Patching.jpg|caption^null|alt^null|title^Linux Patching|description^null” play_source=”icon” play_size=”1″ icon_color=”rgba(255,255,255,0.01)”]
[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense|||” css=”.vc_custom_1589385306732{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
||

Linux Vulnerabilities of the Week: October 25, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: October 25, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

[vc_empty_space]
[vc_single_image image=”364537″ img_size=”full”]

1. Buffer overflow in Golang (<1.16.9)

Severity: Critical         CVSS Score: 9.8

This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause portions of the module to be overwritten with data from the arguments.

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-38297

[vc_separator]

2. A buffer overflow in Ncurses (through v6.2-1)

Severity: Important    CVSS Score: 8.8

This is a heap-based buffer overflow in  _nc_captoinfo in captoinfo.c.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it requires user interaction, it can be exposed over any network, with low complexity, and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39537

[vc_separator]

3. Integer overflow in strongSwan (< 5.9.4 )

Severity: Important   CVSS Score: 7.5

The is a remote integer overflow in the in-memory certificate cache in strongSwan. The overflow happens upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries.

The attempts of code to select a less-often-used cache entry by generating random numbers don’t give results. Remote code execution might be a slight possibility.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41991

[vc_separator]

4. OpenJDK vulnerability affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 6.8

This is an easily exploitable flaw that allows a low-privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. To be successful, attacks require human interaction from a person other than the attacker.

While the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products and lead to unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as though this requires some privileges and user interaction to be exploited, it can be exposed over any network, with a low complexity attack. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-35567

[vc_separator]

5. Memory disclosure in PostgreSQL

Severity: Medium       CVSS Score: 6.5

This is a flaw in PostgreSQL. Using an INSERT … ON CONFLICT … DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although an attacker requires some privileges to exploit it, this can be exposed over any network, with a low complexity attack, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32028

Join Our October Linux Webcast

Explore the latest Linux updates for October 2021. We discuss the most urgent patches and priorities for the month.

[vc_btn title=”Save Your Seat” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Foctober-linux-patch-2021″ css=”.vc_custom_1633464485310{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css_animation=”fadeIn” css=”.vc_custom_1611965477970{padding-right: 20px !important;padding-left: 20px !important;}”]
||

Linux Vulnerabilities of the Week: October 18, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: October 18, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

[vc_empty_space]
[vc_single_image image=”364537″ img_size=”full”]

1. Apache HTTP server vulnerability

Severity: Critical         CVSS Score: 9.8

This is a path transversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could use to map URLs to files outside the directories configured by Alias-like directives. This flaw could also leak the source of interpreted files like CGI scripts.

If files outside of the mentioned directories are not protected by the usual default configuration “require all denied”, the attacker’s requests can succeed. If CGI scripts are also enabled for these aliased paths, this could result in remote code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

 Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-42013

[vc_separator]

2. SVM nested virtualization issue in KVM in the Linux kernel (<5.14-rc7)

Severity: Important    CVSS Score: 8.8

This is a flaw in the KVM’s AMD code for supporting SVM nested virtualization. It occurs when processing the virtual machine control block provided by the L1 guest to spawn/handle a nested guest (L2).

Due to improper validation of the “int_ctl” field, a malicious L1 can enable Advanced Virtual Interrupt Controller support for the L2 guest. As a result, the L2 guest would be able to read/write physical pages of the host, leading to a crash of the entire system, leak of sensitive data, or potential guest-to-host escape.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk — although this needs access to the same network as the device, it has low complexity, requires no privileges, and no user interaction. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-3653

[vc_separator]

3. A possible directory traversal in squashfs-tools affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.1

This is a directory traversal flaw in squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5. During extraction, a file can use a symbolic link, and a regular file with an identical name to escape the destination directory. This flaw allows a specially crafted squashfs archive to install or overwrite files outside of the destination directory.

The highest threat from this vulnerability is to integrity and system availability.

Syxscore Risk Alert

This vulnerability has a major risk — although it requires user interaction, it can be exposed over any network, with an attack of low complexity and with no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41072

[vc_separator]

4. Possible data corruption or loss in the Linux kernel (< 5.13.4)

Severity: Important    CVSS Score: 7.8

In drivers/char/virtio_console.c in the Linux kernel, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk — although this needs access to the same network as the device, it can be exposed with a low complexity attack, with low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-38160

[vc_separator]

5. Insufficiently restricted permissions in Containerd (< 1.4.11)

Severity: Important    CVSS Score: 7.8

It is a flaw in Containerd where container root directories and some plugins had insufficiently restricted permissions. Unprivileged Linux users can exploit this vulnerability to traverse directory contents and execute programs.

This vulnerability has been fixed in Containerd 1.4.11 and Containerd 1.5.7. Users should update to one of these versions when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users.

Syxscore Risk Alert

This vulnerability has a major risk — although this needs access to the same network as the device it can be exposed with a low complexity attack, with low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41103

Join Our October Linux Webcast

Explore the latest Linux updates for October 2021. We discuss the most urgent patches and priorities for the month.

[vc_btn title=”Save Your Seat” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Foctober-linux-patch-2021″ css=”.vc_custom_1633464485310{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css_animation=”fadeIn” css=”.vc_custom_1611965477970{padding-right: 20px !important;padding-left: 20px !important;}”]
||

Top Linux Vulnerabilities for October 2021

By NewsNo Comments

Top Linux Vulnerabilities for October 2021

Explore the top Linux vulnerabilities for October 2021 and find out the best solution for managing these threats.

[vc_empty_space]
[vc_single_image image=”341970″ img_size=”full”]

1. Missing input validation in domain names in Node.js

Severity: Critical         CVSS Score: 9.8

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to Domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22931

 

[dt_divider style=”thin” /]

 

2. Missing request length checks in LibX11 affecting Red Hat Enterprise Linux 8

Severity: Critical    CVSS Score: 9.8

This is a missing validation flaw in libX11 before 1.7.1. The libX11 XLookupColor request (intended for server-side colour lookup) contains a flaw allowing a client to send colour-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets).

This flaw allows a remote attacker to inject X11 protocol commands on X clients, and in some cases, also bypass, authenticate (via injection of control characters), or potentially execute arbitrary code with permissions of the application compiled with libX11.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31535

 

[dt_divider style=”thin” /]

 

3. SM2 Decryption Buffer Overflow in OpenSSL

Severity: Critical    CVSS Score: 9.8

This is a miscalculation of buffer size in OpenSSL’s SM2 decryption function, allowing up to 62 arbitrary bytes to be written outside of the buffer.

This vulnerability allows a remote attacker to crash an application supporting SM2 signature or encryption algorithm, or, possibly, execute arbitrary code with the permissions of the user running that application.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3711

 

[dt_divider style=”thin” /]

 

4. WebKitGTK vulnerability affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.8

This is a use-after-free issue in WebKitGTK. Processing maliciously crafted web content may lead to arbitrary code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as though its exploitation requires user interaction, it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30858

 

[dt_divider style=”thin” /]

 

5. Lack of certain index validation in GoGo Protobuf (< 1.3.2)

Severity: Important    CVSS Score: 8.6

This flaw allows a remote attacker to send crafted protobuf messages, causing a denial of service. The highest threat from this vulnerability is to availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3121

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css=”.vc_custom_1612806115444{padding-right: 150px !important;padding-left: 150px !important;}”]
||

Linux Vulnerabilities of the Week: October 4, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: October 4, 2021

See this week's top Linux issues and keep your IT environment protected from the latest October Linux vulnerabilities.

[vc_empty_space]
[vc_single_image image=”364537″ img_size=”full”]

1. Apache HTTP Server (2.4.48 and earlier) vulnerability

Severity: Critical     CVSS Score: 9.8

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party/external modules may.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-39275

[vc_separator]

2. Missing input validation in domain names in Node.js

Severity: Critical         CVSS Score: 9.8

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to Domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector:             Network
  • Attack Complexity:     Low
  • Privileges Required:    None
  • User Interaction:         None
  • Scope (Jump Point):    Unchanged

CVE Reference(s): CVE-2021-22931

[vc_separator]

3. Kubernetes vulnerability

Severity: Important    CVSS Score: 8.1

Exploiting this flaw, an authorized user can create a container with subpath volume mounts to access files and directories outside of the volume, including on the host node’s filesystem.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25741

[vc_separator]

4. aTFTP vulnerability (through 0.7.4)

Severity: Important    CVSS Score: 7.5

There is a buffer overflow in tftpd_file.c in aTFTP because buffer-size handling does not properly consider the combination of data, OACK, and other options.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-41054

[vc_separator]

Join Our October Linux Webcast

Explore the latest Linux updates for October 2021. We discuss the most urgent patches and priorities for the month.

[vc_btn title=”Save Your Seat” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Foctober-linux-patch-2021″ css=”.vc_custom_1633464485310{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css_animation=”fadeIn” css=”.vc_custom_1611965477970{padding-right: 20px !important;padding-left: 20px !important;}”]
||

Linux Vulnerabilities of the Week: September 27, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: September 27, 2021

See this week's top Linux issues and keep your IT environment protected from the latest September Linux vulnerabilities.

[vc_empty_space]
[vc_single_image image=”364537″ img_size=”full”]

1. Missing input validation in domain names in Node.js

Severity: Critical         CVSS Score: 9.8

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to Domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22931

[vc_separator]

2. WebKitGTK vulnerability affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.8

This is a use-after-free issue in WebKitGTK. Processing maliciously crafted web content may lead to arbitrary code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. Although its exploitation requires user interaction, it can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30858

[vc_separator]

3. The Linux kernel vulnerability affecting Red Hat Enterprise Linux 7 and 8

Severity: Important  CVSS Score: 7.8

This is an out-of-bounds memory write flaw in the Linux kernel’s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Exploiting this flaw, a local user can crash the system or possibly escalate their privileges on the system.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. It needs access to the same network as the device, the attack is low complexity, requires low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3612

[vc_separator]

4. Possible heap buffer overflow in Vim

Severity: Important   CVSS Score: 7.8

This is a flaw in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk. Although this needs access to the same network as the device, the attack is of low complexity, needs low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3770

[vc_separator]

5. Missing enforcement vulnerability in Xen

Severity: Important    CVSS Score: 7.8

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1.

Freeing such pages requires that the hypervisor enforces that no parallel request can result in the addition of a mapping of such a page to a guest. Due to the missing enforcement, local guests can retain access to pages that were freed and perhaps re-used for other purposes.

Syxscore Risk Alert

This vulnerability has a major risk. Although this needs access to the same network as the device and can be exposed only with a complex attack, it needs low privileges and no user interaction. This vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-28701

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”]
[vc_single_image image=”37252″ img_size=”full” css_animation=”fadeIn” css=”.vc_custom_1611965477970{padding-right: 20px !important;padding-left: 20px !important;}”]
||

Linux Vulnerabilities of the Week: September 20, 2021

By NewsNo Comments

Linux Vulnerabilities of the Week: September 20, 2021

See this week's top Linux issues and keep your IT environment protected from the latest September Linux vulnerabilities.

[vc_empty_space]
[vc_single_image image=”364537″ img_size=”full”]

1. Lack of certain index validation in GoGo Protobuf (< 1.3.2)

Severity: Important    CVSS Score: 8.6

This flaw allows a remote attacker to send crafted protobuf messages, causing a denial of service. The highest threat from this vulnerability is to availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3121

[vc_separator]

2. Out-of-bounds write in net/netfilter/x_tables.c affecting Red Hat Enterprise Linux 7

Severity: Important    CVSS Score: 7.8

This is a flaw in how setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) are processed for 32-bit processes on 64-bit systems.

Exploiting this flaw, a local user can gain privileges or cause a DoS (via heap memory corruption) through user name space.

The highest threat from this vulnerability is to data confidentiality, and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it can be exposed with a low complexity attack, needs low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22555

[vc_separator]

3. Missing enforcement vulnerability in Xen

Severity: Important    CVSS Score: 7.8

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1.

Freeing such pages requires that the hypervisor enforces that no parallel request can result in the addition of a mapping of such a page to a guest. Due to the missing enforcement, local guests can retain access to pages that were freed and perhaps re-used for other purposes.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device and can be exposed only with a complex attack, it needs low privileges and no user interaction. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-28701

[vc_separator]

4. Mishandling of ElGamal encryption in Libgcrypt that affects Red Hat Enterprise Linux 8

Severity: Important    CVSS Score: 7.5

This is a side-channel attack flaw in the way Libgcrypt implemented Elgamal encryption, which allows an attacker to decrypt parts of ciphertext encrypted using Elgamal, for instance, when using OpenPGP.

The highest threat from this vulnerability is to confidentiality.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33560

[vc_separator]

5. Potential directory traversal via “admindocs“ in Django

Severity: Moderate    CVSS Score: 4.9

This is a flaw in Django. Staff members could use the Template Detail View to check the existence of arbitrary files. Moreover, if (and only if) the default admindocs templates have been customized by the developers to also expose the file contents, then not only the existence but also the file contents would have been exposed.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although it requires high privileges, it can be exposed with a low complexity attack without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33203

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”]
[vc_single_image image=”37252″ img_size=”full” css_animation=”fadeIn” css=”.vc_custom_1611965477970{padding-right: 20px !important;padding-left: 20px !important;}”]
||

Top Linux Vulnerabilities for September 2021

By NewsNo Comments

Top Linux Vulnerabilities for September 2021

Explore the top Linux vulnerabilities for September 2021 and find out the best solution for managing these threats.

[vc_empty_space]
[vc_single_image image=”341970″ img_size=”full”]

1. Improper Input Validation in Node.js (<16.6.0, 14.17.4, and 12.22.4) affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

Node. js is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to Domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality, and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22931

 

[dt_divider style=”thin” /]

 

2. SM2 Decryption Buffer Overflow in OpenSSL

Severity: Critical         CVSS Score: 9.8

This flaw was in OpenSSL. A miscalculation of a buffer size was found in OpenSSL’s SM2 decryption function, allowing up to 62 arbitrary bytes to be written outside of the buffer. Exploiting this flaw, a remote attacker could crash an application supporting SM2 signature or encryption algorithm, or possibly execute arbitrary code with the permissions of the user running that application.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3711

 

[dt_divider style=”thin” /]

 

3. Mozilla Thunderbird and Firefox vulnerability

Severity: Important    CVSS Score: 8.8

Uninitialized memory in a canvas object in Mozilla Thunderbird and Mozilla Firefox (< 78.13 and < 91) could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it requires user interaction, it can be exposed over any network, with low complexity, and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29980

 

[dt_divider style=”thin” /]

 

4. A heap buffer overflow in libsndfile 1.0.30 affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in libsndfile, exploiting which an attacker can execute arbitrary code via a crafted WAV file.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector:             Network
  • Attack Complexity:     Low
  • Privileges Required:    None
  • User Interaction:         Required
  • Scope (Jump Point):    Unchanged

 

CVE Reference(s): CVE-2021-3246

 

[dt_divider style=”thin” /]

 

5. A use-after-free vulnerability in WebKitGTK 2.30.4

Severity: Important    CVSS Score: 8.8

Due to this flaw, if a remote attacker tricks a local user into visiting a specially crafted malicious webpage, it can result in a potential data leak and further memory corruption.

The highest threat from this vulnerability is to data confidentiality and integrity.

Syxscore Risk Alert

This vulnerability has a major risk. Although it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21775

[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_single_image image=”37252″ img_size=”full” css=”.vc_custom_1612806115444{padding-right: 150px !important;padding-left: 150px !important;}”]