This week, important updates have been issued for the Linux Kernel, Thunderbird and Firefox.
We recommend that you visit our Advisories page frequently to see the latest security advisories that have been issued by your Linux distro(s). We also now offer the ability to personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select.
On behalf of the LinuxSecurity.com administrative team, I would like to extend a warm welcome to our newly redesigned site!
Yours in Open Source,
Linux Kernel
The Discovery
An 11-year-old flaw in the Linux kernel's copy-on-write (COW) implementation, known as Dirty COW (CVE-2016-5195), has become far easier to exploit because of later changes to the kernel's memory-management code, and it is being actively exploited in the wild.
The bug is a race condition in how the kernel handles writes to private, read-only file mappings. A local, unprivileged user who wins the race can write to files they otherwise have no write access to, including root-owned files and setuid binaries, and so escalate to root and take over the machine. It is a local privilege escalation rather than a remote code execution flaw, but any foothold (a web shell, a compromised service account, a low-privileged container process) is enough to use it.
Most vendors have released patched kernels (upstream fixed the bug in 4.8.3, 4.7.9 and 4.4.26, and distributions have backported it). Users should install their distro's kernel update immediately and reboot into it, since a kernel update does not protect the running system until the new kernel is booted (or a live-patching service applies it in place). Unfortunately, the vulnerable kernel is likely to remain on routers, Internet of Things (IoT) devices and other embedded systems that rarely or never receive firmware updates.
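To make concrete what the Dirty COW race breaks, here is a small Linux C program added for this issue (it is not the newsletter's, the kernel's or any exploit's code, and it does not attempt the race). It maps a file read-only and MAP_PRIVATE, writes into that mapping through /proc/self/mem, which is the same FOLL_FORCE write path the public proof of concept drives, and then checks that the write landed in a private copy while the file on disk stayed untouched. That is exactly the invariant Dirty COW violated. It assumes Linux with /proc mounted and a writable /tmp, and falls back to mprotect() plus an ordinary store where /proc/self/mem is blocked by a sandbox.

```c
/* Copy-on-write demo for a private, read-only file mapping.
 * Added example; not the newsletter's, the kernel's or any PoC's code.
 * It does NOT exercise the Dirty COW race; it only shows the invariant
 * the race violated, so it is safe to run on any kernel. Linux-specific. */
#define _GNU_SOURCE
#define _FILE_OFFSET_BITS 64
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct cow_result {
    int ok;            /* 1 when every step succeeded */
    int via_proc_mem;  /* 1 if the write went through /proc/self/mem */
    char mapping[16];  /* bytes the process sees through its private mapping */
    char file[16];     /* bytes actually stored in the file afterwards */
};

/*
 * Create a temp file with known contents, map it PROT_READ | MAP_PRIVATE,
 * then write into that mapping through /proc/self/mem. A correct kernel
 * breaks COW and redirects the write to a private anonymous page: the
 * mapping shows the new bytes, the file keeps the old ones. Dirty COW's
 * race could land the same write on the page-cache page, so the file
 * itself changed.
 */
struct cow_result cow_private_write_demo(void)
{
    struct cow_result r = {0, 0, {0}, {0}};
    static const char original[] = "ORIGINAL-DATA";   /* 13 bytes + NUL */
    static const char tamper[]   = "TAMPERED";        /* replaces first 8 bytes */
    char path[] = "/tmp/cowdemoXXXXXX";
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    char *map = MAP_FAILED;
    int fd, mem = -1;

    fd = mkstemp(path);
    if (fd < 0)
        return r;
    unlink(path);   /* the fd keeps the inode alive; nothing is left in /tmp */
    if (write(fd, original, sizeof original) != (ssize_t)sizeof original)
        goto out;

    map = mmap(NULL, page, PROT_READ, MAP_PRIVATE, fd, 0);
    if (map == MAP_FAILED)
        goto out;

    mem = open("/proc/self/mem", O_RDWR);
    if (mem >= 0 &&
        pwrite(mem, tamper, strlen(tamper), (off_t)(uintptr_t)map)
            == (ssize_t)strlen(tamper)) {
        r.via_proc_mem = 1;
    } else {
        /* Sandboxes sometimes block /proc/self/mem. An ordinary store after
         * mprotect() into a MAP_PRIVATE mapping takes the same COW path. */
        if (mprotect(map, page, PROT_READ | PROT_WRITE) != 0)
            goto out;
        memcpy(map, tamper, strlen(tamper));
    }

    memcpy(r.mapping, map, sizeof original);
    if (pread(fd, r.file, sizeof original, 0) != (ssize_t)sizeof original)
        goto out;
    r.ok = 1;

out:
    if (mem >= 0)
        close(mem);
    if (map != MAP_FAILED)
        munmap(map, page);
    close(fd);
    return r;
}

int main(void)
{
    struct cow_result r = cow_private_write_demo();
    if (!r.ok) {
        perror("cow demo failed");
        return 1;
    }
    printf("write path: %s\n", r.via_proc_mem ? "/proc/self/mem" : "mprotect + store");
    printf("mapping   : %s\n", r.mapping);   /* TAMPERED-DATA */
    printf("file      : %s\n", r.file);      /* ORIGINAL-DATA on a correct kernel */
    puts(strcmp(r.file, "ORIGINAL-DATA") == 0
         ? "file unchanged: copy-on-write held"
         : "FILE MODIFIED THROUGH A PRIVATE MAPPING: copy-on-write broken");
    return 0;
}
```

Build and run with `gcc -O2 cow_demo.c -o cow_demo && ./cow_demo`. A single write like this succeeds correctly even on an unpatched kernel, because winning the race takes a concurrent thread and many attempts; the program therefore shows what the kernel is supposed to guarantee, not whether your kernel is vulnerable. For that, compare `uname -r` against your distribution's advisory and reboot into the fixed kernel.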
The TuxCare team is constantly testing and fixing bugs like DirtyCOW, Heartbleed and, just as importantly, the ever-growing list of unbranded, nameless Linux kernel CVEs that pop up daily. They are aware that fighting vulnerabilities often seems like an uphill battle for IT teams, and the goal of their unified Enterprise Linux support services is to reduce complexity and eliminate hurdles in getting good patches to the right systems, on time, automatically and with full reporting and audit capabilities.
Through its live patching services, TuxCare provides drop-in replacements for in-memory, in-use code, replacing vulnerable code with the corrected version so that systems are secured without disruptive reboots or service restarts.
Thunderbird
Multiple remotely exploitable security issues (CVE-2021-29969, CVE-2021-29970, CVE-2021-29976 and CVE-2021-30547) have been discovered in the popular open-source Thunderbird email client.
CVE-2021-29969 allows a man-in-the-middle on the network path to spoof content: when Thunderbird talks to an IMAP server over STARTTLS, the attacker can inject server responses in plaintext before the TLS upgrade and have the client process them as if they had arrived over the encrypted connection. Accounts configured for implicit TLS (IMAP on port 993) never have a plaintext phase and are not exposed to this kind of injection. The remaining three CVEs are memory-safety bugs shared with Firefox; because Thunderbird disables scripting when rendering mail they are generally not exploitable through email itself, but they can lead to arbitrary code execution in browser-like contexts such as a crafted web page.
Users should upgrade their thunderbird packages to 78.12.0-1 or later immediately to fix these issues.
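The injection described above is an instance of a well-known STARTTLS pitfall: a client that buffers bytes from the plaintext phase and keeps that buffer across the TLS upgrade will parse attacker-supplied data as encrypted server responses. The following Python model is an added illustration and is not Thunderbird's code; it makes no claim about how Mozilla implemented the fix. FakeTransport, ImapClient, StartTlsInjection and the wire bytes are all constructed for the example. The vulnerable client keeps its receive buffer across the upgrade, the hardened one treats any plaintext following the STARTTLS OK line as a protocol violation and fails closed.

```python
"""Model of the STARTTLS response-injection bug class behind CVE-2021-29969.

Added example, not Thunderbird's code; it makes no claim about how Mozilla
implemented the fix. The transport, client and wire bytes are constructed.
"""
from __future__ import annotations

CRLF = b"\r\n"


class StartTlsInjection(Exception):
    """Plaintext bytes arrived after the STARTTLS OK but before TLS was up."""


class FakeTransport:
    """Stand-in for a TCP socket whose path is controlled by a man-in-the-middle.

    pre_tls:  bytes delivered in plaintext; the server's STARTTLS OK line plus
              whatever the attacker appends to the same TCP segment.
    post_tls: bytes the genuine server sends once TLS is established.
    """

    def __init__(self, pre_tls: bytes, post_tls: bytes) -> None:
        self._chunks = [pre_tls]
        self._post_tls = post_tls
        self.sent: list[bytes] = []
        self.tls_active = False

    def send(self, data: bytes) -> None:
        self.sent.append(data)

    def recv(self) -> bytes:
        return self._chunks.pop(0) if self._chunks else b""  # b"" means EOF

    def start_tls(self) -> None:
        # A real socket would run the handshake here; afterwards only the
        # genuine server's data is readable through the socket.
        self.tls_active = True
        self._chunks.append(self._post_tls)


class ImapClient:
    """Minimal line-oriented IMAP reader with a receive buffer.

    reject_buffered=False reproduces the vulnerable behaviour: bytes already
    buffered in plaintext are parsed after the upgrade as if the server had
    sent them inside the encrypted session.
    reject_buffered=True is the hardened behaviour: RFC 3501 section 6.2.1
    forbids the server from sending anything after the STARTTLS OK until TLS
    is negotiated, so any such bytes mean tampering and the client aborts.
    """

    def __init__(self, transport: FakeTransport, reject_buffered: bool) -> None:
        self.t = transport
        self.buf = b""
        self.reject_buffered = reject_buffered

    def readline(self) -> bytes | None:
        while CRLF not in self.buf:
            chunk = self.t.recv()
            if not chunk:
                return None
            self.buf += chunk
        line, _, self.buf = self.buf.partition(CRLF)
        return line

    def starttls(self) -> None:
        self.t.send(b"A1 STARTTLS" + CRLF)
        resp = self.readline()
        if resp is None or not resp.startswith(b"A1 OK"):
            raise RuntimeError(f"STARTTLS refused: {resp!r}")
        if self.buf and self.reject_buffered:
            raise StartTlsInjection(self.buf)
        # Vulnerable path: self.buf survives the upgrade untouched.
        self.t.start_tls()

    def read_responses(self) -> list[bytes]:
        lines = []
        while (line := self.readline()) is not None:
            lines.append(line)
        return lines


# Constructed wire data. Only the first line is the real server's; the two
# untagged responses are the attacker's, appended in the clear before TLS.
PRE_TLS = (
    b"A1 OK Begin TLS negotiation now" + CRLF
    + b"* 1 EXISTS" + CRLF
    + b"* 1 FETCH (FLAGS (\\Seen) RFC822.SIZE 1234)" + CRLF
)
POST_TLS = b"* OK [CAPABILITY IMAP4rev1] genuine server, TLS active" + CRLF


def run_session(reject_buffered: bool) -> list[bytes]:
    """Return the responses the client attributes to the encrypted session."""
    client = ImapClient(FakeTransport(PRE_TLS, POST_TLS), reject_buffered)
    client.starttls()
    return client.read_responses()


if __name__ == "__main__":
    print("vulnerable client sees:", run_session(reject_buffered=False))
    try:
        run_session(reject_buffered=True)
    except StartTlsInjection as exc:
        print("hardened client aborts, rejecting:", exc.args[0])
```

The vulnerable run reports the two injected untagged responses ahead of the genuine post-TLS line, which is how a spoofed mailbox state or message reaches the user. Bytes the attacker sends after the client has read the OK line are caught by the TLS handshake itself (they are not a valid ServerHello), so the buffered-before-upgrade case is the one that slips through, and emptying or rejecting that buffer, together with discarding any capabilities learned in plaintext, is the check a client needs.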
Firefox
Three important, remotely exploitable security issues have been discovered in the widely used Mozilla Firefox web browser: a use-after-free in the accessibility features of a document (CVE-2021-29970), an out-of-bounds write in ANGLE, the graphics layer used for WebGL (CVE-2021-30547), and multiple memory safety bugs (CVE-2021-29976).
All three are memory-corruption bugs that a crafted web page can trigger, and each could result in arbitrary code execution; the ANGLE bug stems from insufficient bounds validation.
Users should update to Firefox ESR 78.12.0 to fix these issues; the same fixes shipped in Firefox 90 on the regular release channel.