Happy Friday fellow Linux geeks! This week, important updates have been issued for tiff, zsh and the Linux kernel. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
tiffThe DiscoveryEight important security vulnerabilities have been discovered in tiff (CVE-2017-17095, CVE-2019-17546, CVE-2020-19131, CVE-2020-35521, CVE-2020-35522, CVE-2020-35523, CVE-2020-35524 and CVE-2022-22844). |
zshThe DiscoveryIt was discovered that zsh, a powerful shell and scripting language, did not prevent recursive prompt expansion (CVE-2021-45444). The ImpactThis bug could allow an attacker to execute arbitrary commands into a user's shell, for instance by tricking a vcs_info user into checking out a git branch with a specially crafted name. The FixA zsh security update mitigates this flaw. We recommend that you upgrade your zsh packages promptly to prevent potential attacks and compromise. Your Related Advisories:Register to Customize Your Advisories |
Linux KernelThe DiscoverySeveral security issues have been found in the Linux kernel including a double-free vulnerability in the Packet network protocol implementation (CVE-2021-22600), a race condition in the Unix domain socket implementation (CVE-2021-4083) and a race condition in the the NFC Controller Interface (NCI) implementation, leading to a use-after-free vulnerability (CVE-2021-4202). The Impact
|
