[CERT-daily] Tageszusammenfassung - 20.10.2021

Daily end-of-shift report team at cert.at
Wed Oct 20 18:21:26 CEST 2021


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 19-10-2021 18:00 − Mittwoch 20-10-2021 18:00
Handler:     Dimitri Robl
Co-Handler:  Wolfgang Menezes

=====================
=       News        =
=====================

∗∗∗ How a simple Linux kernel memory corruption bug can lead to complete system compromise ∗∗∗
---------------------------------------------
This blog post describes a straightforward Linux kernel locking bug and how I exploited it against Debian Busters 4.19.0-13-amd64 kernel.
---------------------------------------------
https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html


∗∗∗ SuDump: Exploiting suid binaries through the kernel ∗∗∗
---------------------------------------------
We will show bugs we found in the Linux kernel that allow unprivileged users to create root-owned core files, and how we were able to use them to get an LPE through the sudo program on machines that have been configured by administrators to allow running a single innocent command.
---------------------------------------------
https://alephsecurity.com/2021/10/20/sudump/


∗∗∗ q-logger skimmer keeps Magecart attacks going ∗∗∗
---------------------------------------------
This case reminds us that web skimming attacks are ongoing even if we dont always hear about them. The post q-logger skimmer keeps Magecart attacks going appeared first on Malwarebytes Labs.
---------------------------------------------
https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-keeps-magecart-attacks-going/


∗∗∗ VNC Malware (TinyNuke, TightVNC) Used by Kimsuky Group ∗∗∗
---------------------------------------------
While monitoring Kimsuky-related malware, the ASEC analysis team has recently discovered that VNC malware was installed via AppleSeed remote control malware.
---------------------------------------------
https://asec.ahnlab.com/en/27346/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Oracle Critical Patch Update Advisory - October 2021 ∗∗∗
---------------------------------------------
This Critical Patch Update contains 419 new security patches across the product families listed below.
---------------------------------------------
https://www.oracle.com/security-alerts/cpuoct2021.html


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (ffmpeg, smarty3, and strongswan), Fedora (udisks2), openSUSE (flatpak, strongswan, util-linux, and xstream), Oracle (redis:5), Red Hat (java-1.8.0-openjdk, java-11-openjdk, openvswitch2.11, redis:5, redis:6, and rh-redis5-redis), SUSE (flatpak, python-Pygments, python3, strongswan, util-linux, and xstream), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-raspi, strongswan).
---------------------------------------------
https://lwn.net/Articles/873462/


∗∗∗ Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20211020-01-outofwrite-en


∗∗∗ Security Bulletin: IBM QRadar Advisor With Watson is vulnerable to cross site scripting ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-advisor-with-watson-is-vulnerable-to-cross-site-scripting/


∗∗∗ Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cloud-pak-for-security-uses-packages-that-are-vulnerable-to-several-cves/


∗∗∗ Security Bulletin: IBM® Db2® could allow a local user to read and write specific files due to weak file permissions (CVE-2020-4976) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-user-to-read-and-write-specific-files-due-to-weak-file-permissions-cve-2020-4976-5/


∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.(CVE-2021-29752) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-an-information-disclosure-exposing-remote-storage-credentials-to-privileged-users-under-specific-conditions-cve-2021-29752-3/


∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V1) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-oct-2021-v1-3/


∗∗∗ Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-disclose-sensitive-information-when-using-admin_cmd-with-load-or-backup-cve-2021-29825-3/


∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V2) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-oct-2021-v2/


∗∗∗ Security Bulletin: IBM® Db2® under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. (CVE-2021-29763) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-under-very-specific-conditions-could-allow-a-local-user-to-keep-running-a-procedure-that-could-cause-the-system-to-run-out-of-memory-and-cause-a-denial-of-ser-3/


∗∗∗ Security Bulletin: IBM API Connect is impacted by a vulnerability in Drupal core (CVE-2021-32610) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-a-vulnerability-in-drupal-core-cve-2021-32610-2/


∗∗∗ Security Bulletin: Cross-Site Scripting Vulnerability Affects the Dashboard User Interface of IBM Sterling B2B Integrator (CVE-2021-20571) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulnerability-affects-the-dashboard-user-interface-of-ibm-sterling-b2b-integrator-cve-2021-20571-2/


∗∗∗ VMSA-2021-0024 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2021-0024.html


∗∗∗ Apache HTTPD vulnerability CVE-2021-36160 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K13401920


∗∗∗ AUVESY Versiondog ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01


∗∗∗ Trane HVAC Systems Controls ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list