November 2, 2021 - TuxCare PR Team
Welcome to the next installment of our monthly news round-up, brought to you by TuxCare. We have developed live patching solutions that minimise maintenance workload and disruption while at the same time maximising security and uptime for your systems.
In this latest monthly overview, we’ll start as usual with a round-up of the latest CVEs patched by the TuxCare Team. We’ll also bring you the latest valuable tips and advice and some exciting videos created by the TuxCare Team.
1. CVEs Disclosed in October
2. Enterprise Linux Security Video Podcasts
3. The latest CentOS 8 End Of Life News
4. TuxCare Blog: Editor’s Pick
October saw the disclosure of a series of vulnerabilities that affect Ubuntu 20.04 Hardware Enablement Stacks (HWE) and Amazon Web Services (AWS).
The first, designated CVE-2020-3702, affects the Atheros Ath9k Wi-Fi driver within the Kernel. A potential race condition between concurrent threads could cause unexpected, attacker-exploitable behaviour. Principally affecting Snapdragon-based wireless adapters, the vulnerability could allow a system attack using the wireless connection as an ingress vector.
The next, designated CVE-2021-3732, affects file access controls, allowing unprivileged access to protected data.
The next, designated CVE-2021-3739, affects the BTRFS code within the Kernel, where a hijacked process running with CAP_SYS_ADMIN privileges can be used to launch a denial of service.
The next, designated CVE-2021-3743, was found in the implementation of the Qualcomm IPC Router protocol. Unvalidated metadata can be exploited to access sensitive information, disrupt processing, or launch a denial of service.
The next, designated CVE-2021-3753, affects the virtual terminal (VT) device used for local access to a system through the console. A race condition can be exploited to cause an out-of-bounds read error that can be leveraged for unauthorised information disclosure.
The next, designated CVE-2021-38166, affects the BPF subsystem of the Kernel. An attacker with CAP_SYS_ADMIN privileges can cause an integer overflow to produce an out-of-bounds write in the HashTab code. This vulnerability can be leveraged to initiate arbitrary code execution, disrupt processing, or launch a denial of service. This area of the kernel has been the subject of several other recent vulnerabilities covered extensively in previous round-ups.
The next, designated CVE-2021-40490, affects the EXT4 codebase and is another exploitable race condition that can be leveraged to launch a denial of service. There is a known path towards privilege escalation for this vulnerability in this widely deployed code, so its potential significance is considered very high.
The final vulnerability, designated CVE-2021-42008, was found in the “decode_data” function of the “hamradio” networking driver. An attacker with CAP_SYS_ADMIN privileges can use this to cause an out-of-bounds write. This vulnerability can be remotely leveraged to obtain root access or launch a denial of service.
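A practical follow-up for administrators is to confirm that the kernel build on a host actually references the fixes for the CVEs listed above. The script below is an added example, not TuxCare code: it scans a package changelog for the round-up's CVE identifiers, reading the running kernel's RPM changelog where `rpm` is available and otherwise falling back to a constructed sample changelog (the package versions and wording in that sample are made up for illustration).

```python
import re
import subprocess

# CVE identifiers from the October 2021 round-up above.
ROUNDUP_CVES = [
    "CVE-2020-3702", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743",
    "CVE-2021-3753", "CVE-2021-38166", "CVE-2021-40490", "CVE-2021-42008",
]

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def cves_in_changelog(changelog_text):
    """Return the set of CVE ids mentioned anywhere in a changelog."""
    return set(CVE_RE.findall(changelog_text))


def audit(changelog_text, wanted=ROUNDUP_CVES):
    """Map each CVE of interest to True if the changelog references it."""
    seen = cves_in_changelog(changelog_text)
    return {cve: cve in seen for cve in wanted}


def running_kernel_changelog():
    """Fetch the RPM changelog of the running kernel (RHEL/CentOS family).
    Returns None if rpm is unavailable or the package is not installed."""
    release = subprocess.run(["uname", "-r"], capture_output=True,
                             text=True).stdout.strip()
    try:
        out = subprocess.run(["rpm", "-q", "--changelog", f"kernel-{release}"],
                             capture_output=True, text=True, check=True)
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return out.stdout


# Constructed sample changelog (not real vendor text) for offline use.
SAMPLE_CHANGELOG = """\
* Mon Oct 25 2021 Example Maintainer <maint@example.invalid> - 0.0.0-example.2
- btrfs: fix denial of service reachable with CAP_SYS_ADMIN (CVE-2021-3739)
- bpf: fix integer overflow leading to out-of-bounds write (CVE-2021-38166)
* Mon Oct 18 2021 Example Maintainer <maint@example.invalid> - 0.0.0-example.1
- ext4: fix race condition leading to denial of service (CVE-2021-40490)
"""

if __name__ == "__main__":
    text = running_kernel_changelog() or SAMPLE_CHANGELOG
    for cve, ok in audit(text).items():
        print(f"{cve}: {'referenced' if ok else 'NOT referenced'}")
```

Note that a live-patched kernel carries the fix in memory without a new package, so an absent changelog entry on such a host is expected and the live-patching tool's own status output is the authoritative check there.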
The TuxCare team’s Enterprise Linux Security podcast continues to offer in-depth topical explanations for the latest hot topics and foundational concepts. Co-hosted by Learn Linux TV’s Jay LaCroix and TuxCare’s very own Joao Correia, the next two episodes are now available to view.
You can watch the fifth episode that discusses how attackers think and operate here: Enterprise Linux Security Episode 05 – The “Attacker” Mindset – YouTube
Also available is the sixth episode that discusses deployment images here: Enterprise Linux Security Episode 06 – Image Defaults – YouTube
These video podcasts discussing Linux security issues are essential viewing for anyone involved in managing Linux-based enterprise systems.
In September, we announced the launch of our Extended Lifecycle Support for CentOS 8, following the sudden announcement of its end of life. It’s now only sixty days until CentOS 8’s end of life, with the end coming in that period between Christmas and New Year when no one wants to be managing a major OS migration. If you’re still undecided about how to proceed at this very late stage, check out this video by Jay from LearnLinuxTV for the complete list of options. Don’t forget that our support package includes our live patching service for critical system components and 24/7 support.