Tag

Linux


Linux Vulnerabilities of the Week: September 6, 2021


See this week's top Linux issues and keep your IT environment protected from the latest August Linux vulnerabilities.


1. Missing request length checks in LibX11 affecting Red Hat Enterprise Linux 8

Severity: Critical    CVSS Score: 9.8

This is a missing validation flaw in libX11 before 1.7.1. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets).

This flaw allows a remote attacker to inject X11 protocol commands on X clients and, in some cases, also bypass authentication (via injection of control characters) or potentially execute arbitrary code with the permissions of the application compiled with libX11.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31535


2. Xen vulnerability leading to DoS

Severity: Important    CVSS Score: 7.8

Grant table v2 status pages may remain accessible after de-allocation. Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated to, or associated with, a guest for its entire lifetime.

Grant table v2 status pages, however, get de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor know where in the guest these pages were mapped.

The hypervisor tracks only one use within guest space, but racing requests from the guest to insert mappings of these pages may result in any of them becoming mapped in multiple locations. Upon switching back from v2 to v1, the guest would then retain access to a page that was freed and perhaps re-used for other purposes.

Exploiting this flaw, local attackers can elevate their privileges and trigger denial-of-service.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it has low complexity, needs low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-28697


3. Returning of invalid host names in Go (<1.15.13)

Severity: Important    CVSS Score: 7.6

The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package, and the corresponding methods on the Resolver type, may return arbitrary values retrieved from DNS that do not conform to the RFC 1035 format, allowing unsafe injection (e.g., XSS).

The highest threat from this vulnerability is to integrity.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33195


4. An out-of-bounds write flaw in the Linux kernel’s Filesystem layer

Severity: Important    CVSS Score: 7.8

Exploiting this flaw, a local attacker with user privileges can gain access to out-of-bounds memory, which will result in a system crash or a leak of internal kernel information. The issue results from not validating the size_t-to-int conversion before performing operations.

The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it can be exploited with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33909

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Linux Vulnerabilities of the Week: August 31, 2021


See this week's top Linux issues and keep your IT environment protected from the latest August Linux vulnerabilities.


1. Improper Input Validation in Node.js (<16.6.0, 14.17.4, and 12.22.4) affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

Node.js is vulnerable to remote code execution, cross-site scripting (XSS), and application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library, which can lead to the output of wrong hostnames (leading to domain hijacking) and injection vulnerabilities in applications using the library.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22931
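Both this Node.js entry and the Go entry above come down to resolver output being used without a syntax check. A caller-side check for that, as an added example in Python (not code from Node.js, Go, or this page): the function names and sample answers are constructed for illustration, and the accepted syntax is the RFC 1035 letter-digit-hyphen form with a leading digit also allowed.

```python
import html
import re

# One DNS label in letter-digit-hyphen form: 1-63 characters, no leading or
# trailing hyphen. Used with fullmatch() so a trailing newline cannot slip past.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")
MAX_NAME_LEN = 253  # longest presentation-form name, without the root dot

# Constructed sample of what a resolver might hand back (CNAME/MX/PTR targets).
SAMPLE_ANSWERS = [
    "mail.example.com.",               # normal, fully qualified
    "xn--bcher-kva.example",           # punycode IDN, still plain LDH
    "<b>injected</b>.example.com",     # markup inside a label
    "mail.example.com\r\nX-Extra: 1",  # control characters after the name
    "-leading-hyphen.example.com",     # violates label syntax
]


def is_safe_dns_name(name):
    """Return True only if name is a syntactically valid hostname."""
    if not isinstance(name, str):
        return False
    if name.endswith("."):
        name = name[:-1]  # drop the single root dot of an FQDN
    if not name or len(name) > MAX_NAME_LEN:
        return False
    return all(_LABEL.fullmatch(label) for label in name.split("."))


def filter_resolver_answers(answers):
    """Split resolver output into (accepted, rejected) so rejects can be logged."""
    accepted, rejected = [], []
    for answer in answers:
        (accepted if is_safe_dns_name(answer) else rejected).append(answer)
    return accepted, rejected


def display_name(answer, placeholder="[invalid hostname]"):
    """Value that is safe to place in HTML: validated first, then escaped."""
    if not is_safe_dns_name(answer):
        return placeholder
    return html.escape(answer.rstrip("."))


if __name__ == "__main__":
    ok, bad = filter_resolver_answers(SAMPLE_ANSWERS)
    print("accepted:", ok)
    print("rejected:", [repr(b) for b in bad])
```

Names that fail the check are dropped rather than repaired, and the rejected list is worth logging, since a resolver returning such values is itself a signal.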


2. Mozilla Thunderbird and Firefox vulnerability

Severity: Important    CVSS Score: 8.8

Uninitialized memory in a canvas object in Mozilla Thunderbird and Mozilla Firefox (< 78.13 and < 91) could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it requires user interaction, it can be exposed over any network, with low complexity, and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29980


3. An out-of-bounds memory read vulnerability in Envoy Proxy/Envoy

Severity: Important   CVSS Score: 8.6

When using one of the mentioned envoy extensions, it is possible to modify and increase the request or response body size of the decompressor, JSON-transcoder, grpc-web, or other proprietary extensions. Exploiting this flaw, an attacker can read invalid memory and cause Envoy to crash, resulting in a denial of service.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a high risk as this can be exposed over any network, with a low complexity attack, no privileges, and without user interaction. Besides, this vulnerability allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-32781


4. An out-of-bounds write flaw in the Linux kernel’s Filesystem layer

Severity: Important    CVSS Score: 7.8

Exploiting this flaw, a local attacker with user privileges can gain access to out-of-bounds memory, which will result in a system crash or a leak of internal kernel information. The issue results from not validating the size_t-to-int conversion before performing operations.

The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it can be exploited with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33909


5. An incomplete fix for a RubyGem-Puma vulnerability

Severity: Important    CVSS Score: 7.5

Exploiting CVE-2019-16770, a poorly-behaved client could have used keepalive requests to monopolize Puma’s reactor and create a denial of service attack. The fix for CVE-2019-16770 was incomplete.

The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections may still be starved by greedy persistent-connections saturating all threads in all processes in the cluster. A `puma` server that received more concurrent ‘keep-alive’ connections than the server had threads in its threadpool would service only a subset of connections, denying service to the unserved connections.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29509


Top Linux Vulnerabilities for August 2021


Explore the top Linux vulnerabilities for August 2021 and find out the best solution for managing these threats.


1. Apache httpd mod_session heap overflow affecting Red Hat Enterprise Linux 8

Severity: Critical CVSS Score: 9.8 

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow. The highest threat from this vulnerability is to system availability.  

Syxscore Risk Alert 

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction. 

  • Attack Vector: Network 
  • Attack Complexity: Low 
  • Privileges Required: None 
  • User Interaction: None 
  • Scope (Jump Point): Unchanged 

CVE Reference(s): CVE-2021-26691 

 


 

2. A use-after-free in Libxml2 (< 2.9.11)

Severity: Important CVSS Score: 8.8 

There’s a flaw in libxml2. An attacker can submit a crafted file to be processed by an application linked with libxml2 to trigger a use-after-free. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.  

Syxscore Risk Alert 

This vulnerability has a major risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges. 

  • Attack Vector: Network 
  • Attack Complexity: Low 
  • Privileges Required: None 
  • User Interaction: Required 
  • Scope (Jump Point): Unchanged 

CVE Reference(s): CVE-2021-3518 

 


 

3. A missing length check of forwarded messages in Linux PTP

Severity: Important CVSS Score: 8.8 

This is a flaw in the PTP4l program of the Linux PTP package.  

A remote attacker who can connect to the `ptp4l` service can use a missing length check when forwarding a PTP message between ports to cause an information leak or a crash, or to execute code remotely.

 The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 

Syxscore Risk Alert 

This vulnerability has a high risk as this can be exposed over any network, with a low complexity attack, low privileges, and without user interaction. 

  • Attack Vector: Network 
  • Attack Complexity: Low 
  • Privileges Required: Low 
  • User Interaction: None 
  • Scope (Jump Point): Unchanged 

CVE Reference(s): CVE-2021-3570 

 


 

4. Out-of-bounds write in ANGLE in Google Chrome (< 91.0.4472.101)

 Severity: Important CVSS Score: 8.8 

This is a flaw in ANGLE. Exploiting this vulnerability, a remote attacker can potentially perform out-of-bounds memory access via a crafted HTML page. 

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 

 Syxscore Risk Alert 

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges. 

  • Attack Vector: Network 
  • Attack Complexity: Low 
  • Privileges Required: None 
  • User Interaction: Required 
  • Scope (Jump Point): Unchanged 

CVE Reference(s): CVE-2021-30547 

 


 

5. A heap buffer overflow in libsndfile 1.0.30 affecting Red Hat Enterprise Linux 7 and 8

Severity: Important CVSS Score: 8.8 

This is a heap buffer overflow in libsndfile that an attacker can exploit to execute arbitrary code via a crafted WAV file.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. 

Syxscore Risk Alert 

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges. 

  • Attack Vector: Network 
  • Attack Complexity: Low 
  • Privileges Required: None 
  • User Interaction: Required 
  • Scope (Jump Point): Unchanged 

CVE Reference(s): CVE-2021-3246 


Linux Vulnerabilities of the Week: August 9, 2021


See this week's top Linux issues and keep your IT environment protected from the latest August Linux vulnerabilities.


1. Command injection vulnerability in RDoc 3.11 affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

This is an operating system command injection in RDoc.

A remote unprivileged attacker can use the RDoc command to generate documentation for malicious Ruby source code, which can result in arbitrary command execution with the privileges of the user running RDoc.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31799


2. A use-after-free vulnerability in WebKitGTK 2.30.4

Severity: Important    CVSS Score: 8.8

Due to this flaw, if a remote attacker tricks a local user into visiting a specially crafted malicious webpage, it can result in a potential data leak and further memory corruption.

The highest threat from this vulnerability is to data confidentiality and integrity.

Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21775


3. A heap out-of-bounds write in net/netfilter/x_tables.c affecting Red Hat Enterprise Linux 7 and 8

Severity: Important   CVSS Score: 7.8

This is a flaw in processing setsockopt IPT_SO_SET_REPLACE (or IP6T_SO_SET_REPLACE) for 32-bit processes on 64-bit systems.

Exploiting this flaw, a local user can gain privileges or cause a DoS through a user namespace. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it needs access to the same network as the device, and requires some privileges to be exploited, it can be exposed with a low complexity attack and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22555


4. An out-of-bounds memory write flaw in the Linux kernel’s joystick devices subsystem

Severity: Important    CVSS Score: 7.8

Exploiting this flaw, a local user can crash the system or escalate their privileges on the system.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as though it needs access to the same network as the device, and requires some privileges to be exploited, it can be exposed with a low complexity attack and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3612


5. An infinite loop in apache-commons-compress affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 7.5

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This flaw allows the mounting of a denial-of-service attack against services that use Compress’ SevenZ package.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-35515


Linux Vulnerabilities of the Week: August 2, 2021


See this week's top Linux issues and keep your IT environment protected from the latest August Linux vulnerabilities.


1. Out-of-bounds write in ANGLE in Google Chrome (< 91.0.4472.101)

 Severity: Important   CVSS Score: 8.8

This is a flaw in ANGLE. Exploiting this vulnerability, a remote attacker can potentially perform out-of-bounds memory access via a crafted HTML page.

The highest threat from this flaw is to data confidentiality and integrity as well as system availability.

 Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30547


2. A heap buffer overflow in libsndfile 1.0.30 affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 8.8

This is a heap buffer overflow in libsndfile that an attacker can exploit to execute arbitrary code via a crafted WAV file.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3246


3. A missing length check of forwarded messages in the Linux PTP package

Severity: Important    CVSS Score: 8.8

Using a missing length check when forwarding a PTP message between ports, a remote attacker can cause a data leak, crash, or remote code execution. This flaw affects Linux PTP versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1, and before 1.5.1.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires some privileges, it can be exposed over any network with a low complexity attack and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3570


4. A use-after-free vulnerability in WebKitGTK 2.30.4

Severity: Important    CVSS Score: 8.8

Due to this flaw, if a remote attacker tricks a local user into visiting a specially crafted malicious webpage, it can result in a potential data leak and further memory corruption.

The highest threat from this vulnerability is to data confidentiality and integrity.

Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-21775


5. Django 2.2, 3.x, and 3.2 vulnerability

Severity: Important    CVSS Score: 7.5

In Django, leading zeros in octal literals aren’t prohibited in IP addresses. Exploiting this flaw, a remote unprivileged attacker can bypass access control that is based on IP addresses and launch an SSRF, RFI, or LFI attack.

The highest threat from this vulnerability is to data integrity.

Syxscore Risk Alert

This vulnerability has a major risk as it can be exposed over any network, with a low complexity attack, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33571
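Why leading zeros matter for IP-based access control, as an added example in Python (not Django's code and not from this page). The lenient parser stands in for any validator that converts each octet with `int()`; the blocked networks, function names and sample addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed policy for the example: destinations a server-side fetcher must not reach.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("10.0.0.0/8"),
]


def _split_octets(text):
    """Return the four dotted parts, requiring ASCII digits only."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {text!r}")
    return parts


def parse_ipv4_lenient(text):
    """Weak form: int() silently drops leading zeros, so '0177' is read as
    decimal 177, while C-style parsers further down the stack read it as octal."""
    octets = [int(p) for p in _split_octets(text)]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range: {text!r}")
    return ipaddress.IPv4Address(bytes(octets))


def parse_ipv4_strict(text):
    """Hardened form: an octet with a leading zero is ambiguous and is rejected."""
    parts = _split_octets(text)
    for part in parts:
        if len(part) > 1 and part.startswith("0"):
            raise ValueError(f"leading zero in octet {part!r} of {text!r}")
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range: {text!r}")
    return ipaddress.IPv4Address(bytes(octets))


def is_destination_allowed(text, parser):
    """Apply the blocklist to the address as the given parser understands it."""
    try:
        address = parser(text)
    except ValueError:
        return False  # unparseable or ambiguous input is denied
    return not any(address in network for network in BLOCKED_NETWORKS)


if __name__ == "__main__":
    for candidate in ["192.0.2.10", "127.0.0.1", "0177.0.0.1", "010.1.2.3"]:
        print(
            f"{candidate:12} lenient={is_destination_allowed(candidate, parse_ipv4_lenient)}"
            f" strict={is_destination_allowed(candidate, parse_ipv4_strict)}"
        )
```

The check and whatever later consumes the string must agree on the address; rejecting the ambiguous form at validation time removes the disagreement.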


Linux Vulnerabilities of the Week: July 26, 2021


See this week's top Linux issues and keep your IT environment protected from the latest July Linux vulnerabilities.


1. Out-of-bounds write in ANGLE in Google Chrome (< 91.0.4472.101)

Severity: Important    CVSS Score: 8.8

This is a flaw in ANGLE. Exploiting this vulnerability, a remote attacker can potentially perform out-of-bounds memory access via a crafted HTML page.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

 Syxscore Risk Alert

This vulnerability has a major risk as though it requires user interaction to be exploited, this can be exposed over any network, with a low complexity attack and no privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-30547


2. An out-of-bounds memory write flaw in the Linux kernel affecting Red Hat Enterprise Linux 7 and 8

Severity: Important    CVSS Score: 7.8

This is a flaw in the Linux kernel’s joystick devices subsystem before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. A local attacker can use this flaw to crash the system or escalate their privileges on the system.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it can be exploited with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3612


3. Incorrect comparison during range check elimination in OpenJDK

Severity: Important    CVSS Score: 7.5

This is a flaw in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). The vulnerability is difficult to exploit as attacks require human interaction from a person other than the attacker.

Using this vulnerability, an unauthenticated attacker with network access via multiple protocols can compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires user interaction and a complex attack to be exploited, it can be exposed over any network with no privileges.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-2388


4. Out-of-bounds write in the Linux kernel’s fs/seq_file.c

Severity: Important    CVSS Score: 7.0

Exploiting this flaw, a local attacker with user privileges can escalate their privileges to root, gaining access to out-of-bounds memory, which can result in a system crash or a leak of internal kernel information.

The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device and the complexity of an attack is high, it requires low privileges and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33909


5. Race condition for removal of the HCI controller in the kernel affecting Red Hat Enterprise Linux 7

Severity: Important    CVSS Score: 7.0

This is a flaw in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. It allows a local attacker to exploit a race condition, leading to corrupted memory and possible privilege escalation.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device and requires a complex attack to be exploited, it needs low privileges and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32399


Top Linux Vulnerabilities for July 2021


Explore the top Linux vulnerabilities for July 2021 and find out the best solution for managing these threats.


1. Apache httpd mod_session heap overflow affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted SessionHeader sent by an origin server could cause a heap overflow. The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691

2. The libX11 (<1.7.1) missing validation flaw affecting Red Hat Enterprise Linux 7 and 8

Severity: Critical         CVSS Score: 9.8

Exploiting this vulnerability, an attacker can inject X11 protocol commands on X clients, and potentially execute arbitrary code with permissions of the application compiled with libX11.

The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31535

3. A use-after-free in Libxml2 (< 2.9.11)

Severity: Important    CVSS Score: 8.8

There’s a flaw in libxml2. An attacker can submit a crafted file to be processed by an application linked with libxml2 to trigger a use-after-free. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3518

4. Buffer overrun flaw in PostgreSQL

Severity: Important    CVSS Score: 8.8

This is a vulnerability in PostgreSQL in versions before 13.3, before 12.7, before 11.12, before 10.17, and before 9.6.22.

Due to missing bound checks during an SQL array modification process, authenticated database users can write arbitrary bytes to a wide area of server memory.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this requires some privileges, it can be exposed over any network with a low complexity attack, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-32027

5. A missing length check of forwarded messages in Linux PTP

Severity: Important    CVSS Score: 8.8

This is a flaw in the PTP4l program of the Linux PTP package.

A remote attacker who can connect to the `ptp4l` service can exploit a missing length check when forwarding a PTP message between ports to cause an information leak, a crash, or remote code execution.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk as this can be exposed over any network, with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3570


Linux Vulnerabilities of the Week: July 5, 2021


See this week's top Linux issues and keep your IT environment protected from the latest July Linux vulnerabilities.


1. Apache httpd mod_session heap overflow affecting Red Hat Enterprise Linux 8

Severity: Critical         CVSS Score: 9.8

In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted SessionHeader sent by an origin server could cause a heap overflow. The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691


2. A use-after-free in Libxml2 (< 2.9.11)

Severity: Important    CVSS Score: 8.8

There’s a flaw in libxml2. An attacker can submit a crafted file to be processed by an application linked with libxml2 to trigger a use-after-free. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3518


3. Apache Tomcat vulnerability (incomplete fix for CVE-2020-9484)

Severity: Important  CVSS Score: 7.0

This is a flaw in Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103. When Apache Tomcat is used with a configuration edge case that was highly unlikely to be used, an attacker can send a specially crafted request to trigger remote code execution via deserialization of a file under their control. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a high risk: although it needs access to the same network as the device, requires some privileges, and requires a complex attack to be exploited, it can be exposed without user interaction.

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-25329


4. Mozilla OpenPGP secret keys flaw

Severity: Medium       CVSS Score: 4.3

OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user’s local disk. The master password protection was inactive for those keys. This vulnerability affects Thunderbird < 78.10.2. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk as although it requires user interaction, it can be exposed over any network, with a low complexity attack, and without privileges.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-29956


5. TELNET stack contents disclosure in curl affecting Red Hat Enterprise Linux 8

Severity: Low  CVSS Score: 3.1

This is a flaw in curl. Because of a vulnerability in the option parser for sending NEW_ENV variables, libcurl can pass uninitialized data from a stack-based buffer to the server. This can reveal sensitive internal information to the server over a clear-text network protocol. The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a low risk: although it can be exposed over any network with no privileges, it requires a complex attack and user interaction to be exploited.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-22898


Linux Vulnerabilities of the Week: June 28, 2021


See this week's top Linux issues and keep your IT environment protected from the latest June Linux vulnerabilities.


1. Apache HTTP Server (2.4.0 to 2.4.46) vulnerability affecting Red Hat Enterprise Linux 8

Severity: Critical     CVSS Score: 9.8

This is a flaw in Apache httpd mod_session. A specially crafted SessionHeader sent by an origin server could cause a heap overflow.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a critical risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-26691


2. Polkit System flaw

Severity: Important    CVSS Score: 7.8

This is a flaw in polkit that leads to local privilege escalation. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, polkit cannot get a unique uid and pid of the process and can’t verify the privileges of the requesting process.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it has low complexity, needs low privileges, and no user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3560


3. Unlimited FV recursion in EDK II

Severity: Important    CVSS Score: 7.8

This is a flaw in EDK II. A local attacker can use an unlimited recursion in DxeCore to corrupt the system memory.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a major risk as although this needs access to the same network as the device, it can be exploited with a low complexity attack, low privileges, and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-28210


4. A NULL pointer dereference flaw in httpd affecting mod_http2 1.15.17 and Apache HTTP Server version 2.4.47

Severity: Important    CVSS Score: 7.5

A NULL pointer dereference flaw in httpd.

This is a null pointer dereference in the way httpd handles specially crafted HTTP/2 requests that allows a remote attacker to crash the httpd child process, causing temporary denial of service.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a high risk as this can be exposed over any network, with a low complexity attack, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31618


5. A possible heap corruption with LzmaUefiDecompressGetInfo affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 6.7

This is another flaw in EDK II. A privileged attacker may use a possible heap corruption in the LzmaUefiDecompressGetInfo function to execute code on the system.

The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Syxscore Risk Alert

This vulnerability has a moderate risk as although this needs access to the same network as the device and requires high privileges, it can be exposed with a low complexity attack and without user interaction.

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-28211


Linux Vulnerabilities of the Week: June 21, 2021


See this week's top Linux issues and keep your IT environment protected from the latest June Linux vulnerabilities.


1. The runc (<1.0.0-rc95) package vulnerability

Severity: Important    CVSS Score: 8.5

The runc package is vulnerable to a symlink exchange attack. To exploit the vulnerability, an attacker must create multiple containers with a fairly specific mount configuration. If an attack is successful, it can result in the host filesystem being bind-mounted into the container.

The highest threat from this vulnerability is to data confidentiality and integrity as well as to system availability.

Syxscore Risk Alert

This vulnerability has a high risk as although it can be exploited only with a complex attack, it can be exposed over any network, with low privileges, and no user interaction. Besides, this flaw allows a lateral attack to be made, due to the changed jump point.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: Low
  • User Interaction: None
  • Scope (Jump Point): Changed

CVE Reference(s): CVE-2021-30465


2. ElGamal encryption flaw in Libgcrypt

Severity: Important    CVSS Score: 7.5

This is an ElGamal encryption mishandling in Libgcrypt before 1.8.8 and 1.9.x before 1.9.3, due to the lack of exponent blinding to address a side-channel attack against mpi_powm, and the inappropriate window size selection. This affects the use of ElGamal in OpenPGP.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-33560


3. A NULL pointer dereference flaw in httpd

Severity: Important    CVSS Score: 7.5

A NULL pointer dereference flaw in httpd

This is a null pointer dereference in the way httpd handles specially crafted HTTP/2 requests that allows a remote attacker to crash the httpd child process, causing temporary denial of service.

The highest threat from this vulnerability is to system availability.

Syxscore Risk Alert

This vulnerability has a major risk as this can be exposed over any network, with low complexity, no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-31618

4. A tpm2-tools vulnerability affecting Red Hat Enterprise Linux 8

Severity: Medium       CVSS Score: 5.9

This is a flaw in tpm2-tools in versions before 5.1.1 and before 4.3.2. The tpm2_import tool used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported.

The highest threat from this vulnerability is to data confidentiality.

Syxscore Risk Alert

This vulnerability has a moderate risk: although its exploitation requires a complex attack, it can be exposed over any network, with no privileges, and without user interaction.

  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope (Jump Point): Unchanged

CVE Reference(s): CVE-2021-3565
