Happy Friday fellow Linux geeks! This week, important updates have been issued for the Linux kernel, Samba and cryptsetup. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
Linux KernelThe DiscoveryA large number of critical kernel vulnerabilities have been discovered including a remote stack overflow in the net/tipc module (CVE-2022-0435) and an out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c (CVE-2021-39657). |
SambaThe DiscoverySeveral security bugs have been found in Samba including an out-of-bounds heap write vulnerability in the VFS module vfs_fruit (CVE-2021-44142) and a flaw that enables Samba AD users with permission to write to an account to impersonate arbitrary services (CVE-2022-0336). The ImpactAn attacker could exploit these flaws to remotely execute arbitrary code as root or impersonate arbitrary services. The FixSamba has released a security update fixing these issues. We recommend that you upgrade your Samba packages promptly. Your Related Advisories:Register to Customize Your Advisories |
cryptsetupThe DiscoveryCryptsetup maintainer Milan Broz discovered a security issue in cryptsetup, the disk encryption configuration tool for Linux (CVE-2021-4122). The Impact
|
