Newsletters: Linux Advisory Watch: October 8, 2021

Advisories

Linux Advisory Watch: October 8, 2021

Happy Friday fellow Linux geeks! This week, important updates have been issued for QEMU, apache2 and the Linux kernel. Read on to learn about these vulnerabilities and how to secure your system against them. 

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany Day Signature

Today’s newsletter sponsor, AlmaLinux, shows how you can get enterprise Linux for free. 


QEMU

The Discovery 

Multiple security issues (CVE-2021-3544, CVE-2021-3545, CVE-2021-3546 and CVE-2021-3638) were discovered in the QEMU fast processor emulator.
ghostscript

The Impact

Exploitation of these vulnerabilities could result in denial of service (DoS) or the execution of arbitrary code.

The Fix

QEMU has released mitigations for these flaws. We recommend that you upgrade your QEMU packages immediately to prevent attacks.

Your Related Advisories:

Register to Customize Your Advisories

apache2

The Discovery 

firefox

Several vulnerabilities were found in the Apache HTTP server. It was discovered that malformed requests may cause the server to dereference a NULL pointer (CVE-2021-34798), ap_escape_quotes() may write beyond the end of a buffer when given malicious input (CVE-2021-39275) and a crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user.

The Impact

These flaws could enable an attacker to send proxied requests to arbitrary servers, corrupt memory in some setups involving third-party modules, and cause the server to crash.

The Fix

Apache has released fixes for these issues. Upgrade your apache2 packages as soon as possible to protect the security, integrity and availability of your system.

Your Related Advisories:

Register to Customize Your Advisories

Linux Kernel 

The Discovery

libsndfile

Multiple important Linux kernel security issues have been identified and fixed in the 5.14.9 stable kernel update.

The Impact

Exploitation of these flaws could result in privilege escalation, denial of service (DoS), or information leakage.

The Fix

Update to 5.14.9 promptly to protect sensitive information and prevent attacks. This update also contains additional hardware support and various new features.

Your Related Advisories:

Register to Customize Your Advisories

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.