Linux Advisory Watch: January 28, 2022
Brittany Day
- Application 1: Debian, Debian LTS, Fedora, Mageia, openSUSE, Red Hat, Scientific Linux, Slackware, Ubuntu
- Application 2: Debian, Fedora, Mageia, openSUSE, Red Hat, Ubuntu
- Application 3: Archlinux, Debian, Debian LTS, Mageia, openSUSE, Red Hat, Scientific Linux, Ubuntu
Happy Friday fellow Linux geeks! This week, important updates have been issued for polkit, the Linux kernel and Thunderbird. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
polkitThe DiscoveryA local privilege escalation vulnerability (CVE-2021-4034) was found by Qualys researchers in polkit's pkexec utility. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. |
Linux KernelThe DiscoverySeveral vulnerabilities have been discovered in the Linux kernel (CVE-2021-4155, CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 and CVE-2022-0185). The ImpactThese issues may lead to privilege escalation attacks, denial of service (DoS), or information leakage. The FixWe recommend that you upgrade your Linux packages promptly to protect sensitive information and the security, integrity and availability of your systems. Your Related Advisories:Register to Customize Your Advisories |
ThunderbirdThe DiscoverySeveral security issues have been found in the Thunderbird mail and newsgroup client. The Impact
|
