Linux Advisory Watch: March 4, 2022

Happy Friday, fellow Linux geeks! This week, important updates have been issued for the Linux kernel, Expat and PHP. Read on to learn about these vulnerabilities and how to secure your system against them.

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany

Linux Kernel

The Discovery 

Several security issues have been found in the Linux kernel, the most critical being a remotely exploitable stack-based buffer overflow in the Transparent Inter-Process Communication (TIPC) protocol implementation in the kernel.

The Impact

Exploitation of these Linux kernel vulnerabilities could result in denial of service (DoS), privilege escalation attacks and the exposure of sensitive information (kernel memory).

The Fix

These flaws have been fixed in the Linux kernel. Patch now to protect the security, integrity, and availability of your systems.

Expat

The Discovery 

Multiple vulnerabilities have been discovered in Expat, an XML parsing C library (CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314 and CVE-2022-25315).

The Impact

These issues could lead to denial of service (DoS) or potentially the execution of arbitrary code, if a malformed XML file is processed.

The Fix

An Expat security update fixes these vulnerabilities. We recommend updating as soon as possible to mitigate your risk.

PHP

The Discovery

Several PHP security issues have been discovered. It was found that PHP incorrectly handled certain scripts and certain inputs (CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9119, CVE-2017-9120 and CVE-2021-21707).

The Impact

Exploitation of these bugs could result in denial of service (DoS) or information leakage.

The Fix

These issues have now been fixed in PHP. Update as soon as possible to protect sensitive information and prevent attacks.
