End-of-Day report
Timeframe: Tuesday 19-10-2021 18:00 - Wednesday 20-10-2021 18:00
Handler: Dimitri Robl
Co-Handler: Wolfgang Menezes
News
How a simple Linux kernel memory corruption bug can lead to complete system compromise
This blog post describes a straightforward Linux kernel locking bug and how I exploited it against Debian Buster's 4.19.0-13-amd64 kernel.
https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html
SuDump: Exploiting suid binaries through the kernel
We will show bugs we found in the Linux kernel that allow unprivileged users to create root-owned core files, and how we were able to use them to get an LPE through the sudo program on machines that have been configured by administrators to allow running a single innocent command.
https://alephsecurity.com/2021/10/20/sudump/
q-logger skimmer keeps Magecart attacks going
This case reminds us that web skimming attacks are ongoing even if we don't always hear about them.
https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-keeps-magecart-attacks-going/
VNC Malware (TinyNuke, TightVNC) Used by Kimsuky Group
While monitoring Kimsuky-related malware, the ASEC analysis team has recently discovered that VNC malware was installed via AppleSeed remote control malware.
https://asec.ahnlab.com/en/27346/
Vulnerabilities
Oracle Critical Patch Update Advisory - October 2021
This Critical Patch Update contains 419 new security patches across the product families listed below.
https://www.oracle.com/security-alerts/cpuoct2021.html
Security updates for Wednesday
Security updates have been issued by Debian (ffmpeg, smarty3, and strongswan), Fedora (udisks2), openSUSE (flatpak, strongswan, util-linux, and xstream), Oracle (redis:5), Red Hat (java-1.8.0-openjdk, java-11-openjdk, openvswitch2.11, redis:5, redis:6, and rh-redis5-redis), SUSE (flatpak, python-Pygments, python3, strongswan, util-linux, and xstream), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-raspi, strongswan).
https://lwn.net/Articles/873462/
Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products
http://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20211020-01-outofwrite-en
Security Bulletin: IBM QRadar Advisor With Watson is vulnerable to cross site scripting
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-advisor-with-watson-is-vulnerable-to-cross-site-scripting/
Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs
https://www.ibm.com/blogs/psirt/security-bulletin-cloud-pak-for-security-uses-packages-that-are-vulnerable-to-several-cves/
Security Bulletin: IBM® Db2® could allow a local user to read and write specific files due to weak file permissions (CVE-2020-4976)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-allow-a-local-user-to-read-and-write-specific-files-due-to-weak-file-permissions-cve-2020-4976-5/
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions. (CVE-2021-29752)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-is-vulnerable-to-an-information-disclosure-exposing-remote-storage-credentials-to-privileged-users-under-specific-conditions-cve-2021-29752-3/
Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V1)
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-oct-2021-v1-3/
Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-could-disclose-sensitive-information-when-using-admin_cmd-with-load-or-backup-cve-2021-29825-3/
Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (Oct. 2021 V2)
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-oct-2021-v2/
Security Bulletin: IBM® Db2® under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory and cause a denial of service. (CVE-2021-29763)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-db2-under-very-specific-conditions-could-allow-a-local-user-to-keep-running-a-procedure-that-could-cause-the-system-to-run-out-of-memory-and-cause-a-denial-of-ser-3/
Security Bulletin: IBM API Connect is impacted by a vulnerability in Drupal core (CVE-2021-32610)
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-a-vulnerability-in-drupal-core-cve-2021-32610-2/
Security Bulletin: Cross-Site Scripting Vulnerability Affects the Dashboard User Interface of IBM Sterling B2B Integrator (CVE-2021-20571)
https://www.ibm.com/blogs/psirt/security-bulletin-cross-site-scripting-vulnerability-affects-the-dashboard-user-interface-of-ibm-sterling-b2b-integrator-cve-2021-20571-2/
VMSA-2021-0024
https://www.vmware.com/security/advisories/VMSA-2021-0024.html
Apache HTTPD vulnerability CVE-2021-36160
https://support.f5.com/csp/article/K13401920
AUVESY Versiondog
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-01
Trane HVAC Systems Controls
https://us-cert.cisa.gov/ics/advisories/icsa-21-292-02