=====================
= End-of-Day report =
=====================

Timeframe: Tuesday 19-10-2021 18:00 − Wednesday 20-10-2021 18:00
Handler: Dimitri Robl
Co-Handler: Wolfgang Menezes

=====================
= News =
=====================

∗∗∗ How a simple Linux kernel memory corruption bug can lead to complete system compromise ∗∗∗
---------------------------------------------
This blog post describes a straightforward Linux kernel locking bug and how I exploited it against Debian Buster's 4.19.0-13-amd64 kernel.
---------------------------------------------
https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memor...

∗∗∗ SuDump: Exploiting suid binaries through the kernel ∗∗∗
---------------------------------------------
We will show bugs we found in the Linux kernel that allow unprivileged users to create root-owned core files, and how we were able to use them to get an LPE through the sudo program on machines that have been configured by administrators to allow running a single innocent command.
---------------------------------------------
https://alephsecurity.com/2021/10/20/sudump/

∗∗∗ q-logger skimmer keeps Magecart attacks going ∗∗∗
---------------------------------------------
This case reminds us that web skimming attacks are ongoing even if we don't always hear about them. The post q-logger skimmer keeps Magecart attacks going appeared first on Malwarebytes Labs.
---------------------------------------------
https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-k...

∗∗∗ VNC Malware (TinyNuke, TightVNC) Used by Kimsuky Group ∗∗∗
---------------------------------------------
While monitoring Kimsuky-related malware, the ASEC analysis team has recently discovered that VNC malware was installed via AppleSeed remote control malware.
---------------------------------------------
https://asec.ahnlab.com/en/27346/

=====================
= Vulnerabilities =
=====================

∗∗∗ Oracle Critical Patch Update Advisory - October 2021 ∗∗∗
---------------------------------------------
This Critical Patch Update contains 419 new security patches across the product families listed below.
---------------------------------------------
https://www.oracle.com/security-alerts/cpuoct2021.html

∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (ffmpeg, smarty3, and strongswan), Fedora (udisks2), openSUSE (flatpak, strongswan, util-linux, and xstream), Oracle (redis:5), Red Hat (java-1.8.0-openjdk, java-11-openjdk, openvswitch2.11, redis:5, redis:6, and rh-redis5-redis), SUSE (flatpak, python-Pygments, python3, strongswan, util-linux, and xstream), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-raspi, strongswan).
---------------------------------------------
https://lwn.net/Articles/873462/

∗∗∗ Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20211020-0...

∗∗∗ Security Bulletin: IBM QRadar Advisor With Watson is vulnerable to cross site scripting ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-advisor-with-wa...

∗∗∗ Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cloud-pak-for-security-use...

∗∗∗ Security Bulletin: IBM® Db2® could allow a local user to read and write specific files due to weak file permissions (CVE-2020-4976) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-loca...

∗∗∗ Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions. (CVE-2021-29752) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-a...

∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V1) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-a...

∗∗∗ Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-disclose-sen...

∗∗∗ Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V2) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-a...

∗∗∗ Security Bulletin: IBM® Db2® under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory and cause a denial of service. (CVE-2021-29763) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-under-very-specifi...

∗∗∗ Security Bulletin: IBM API Connect is impacted by a vulnerability in Drupal core (CVE-2021-32610) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacte...

∗∗∗ Security Bulletin: Cross-Site Scripting Vulnerability Affects the Dashboard User Interface of IBM Sterling B2B Integrator (CVE-2021-20571) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulne...

∗∗∗ VMSA-2021-0024 ∗∗∗
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2021-0024.html

∗∗∗ Apache HTTPD vulnerability CVE-2021-36160 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K13401920

∗∗∗ AUVESY Versiondog ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01

∗∗∗ Trane HVAC Systems Controls ∗∗∗
---------------------------------------------
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02