A flaw was found in the Linux kernels implementation of audit rules where a syscall can unexpectedly not be correctly not be logged by the audit subsystem — CVE-2020-35501

Zusammenfassung

Sicherheitshinweis CVE-2020-35501. A flaw was found in the Linux kernels implementation of audit rules where a syscall can unexpectedly not be correctly not be logged by the… Hersteller: Microsoft. Quelle: MSRC. Risiko: low. CVSS 3.4.…

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

• Prüfe Exponierung und plane Maßnahmen nach Risiko und Umfeld.
• Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
• Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
• Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Zur offiziellen Quelle

Mehr dazu

• A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. CVE-2021-3716
• An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose and an attacker has silently modified the server to support the None authentication option then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass since nothing is being bypassed. CVE-2021-36368
• Media Foundation Information Disclosure Vulnerability CVE-2022-21977
• Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability CVE-2022-24465
• A flaw in grub2 was found where its configuration file known as grub.cfg is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released. CVE-2021-3981
• .A flaw was found in the CAN BCM networking protocol in the Linux kernel where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. CVE-2021-3609
• .NET and Visual Studio Denial of Service Vulnerability CVE-2022-24464
• .NET and Visual Studio Remote Code Execution Vulnerability CVE-2022-24512
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-20321
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-20320
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-3607
• <vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner CVE-2021-3608