Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter! 

Today’s newsletter is sponsored by Uptycs. To close security observability gaps across your cloud attack surface, check out the Uptycs Security Analytics Platform.

This week, important updates have been issued for the Linux kernel, systemd and OpenJDK.

We recommend that you visit our Advisories page frequently to see the latest security advisories that have been issued by your Linux distro(s). We also now offer the ability to personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select. 

On behalf of the LinuxSecurity.com administrative team, I would like to extend a warm welcome to our newly redesigned site!

Yours in Open Source,

Brittany

Linux Kernel 
The Discovery

A size_t-to-int type conversion vulnerability dubbed Sequoia (CVE-2021-33909) has been discovered in the Linux kernel’s filesystem layer. Sequoia can be used against most Linux distributions in their default configurations.

The Impact

This dangerous flaw can be exploited by any unprivileged user to gain root privileges, corrupt data, crash a hijacked system, or execute unauthorized code.

The Fix

A patch has been released for Sequoia in the Linux kernel 5.13.4 release. This fix is also now available in most Linux distributions.

Register to Customize Your Advisories

systemd
The Discovery

Two security issues have been discovered in the systemd system and service manager. It was discovered that systemd incorrectly handled certain mount paths (CVE-2021-33910), as well as DHCP FORCERENEW packets (CVE-2020-13529).

The Impact

CVE-2020-13529 could allow a remote attacker to reconfigure vulnerable servers, while CVE-2021-33910 could be exploited by a local attacker to cause systemd to crash, resulting in a denial of service (DoS).

The Fix

Many distros have released updates mitigating these problems. Users who are impacted by these flaws should update their systems immediately.

OpenJDK
The Discovery

Multiple remotely exploitable security issues (CVE-2021-2341, CVE-2021-2369 and CVE-2021-2388) have been discovered in the jdk11-openjdk OpenJDK package.

The Impact

These vulnerabilities could allow a malicious Java application to bypass security restrictions to compromise OpenJDK and run arbitrary code or disclose sensitive information.

The Fix

These problems have been fixed upstream in OpenJDK version 11.0.12.u7. Users should upgrade to 11.0.12.u7-1 immediately.

# pacman -Syu "jdk11-openjdk>=11.0.12.u7-1"
