Linode Security Digest July 24-31, 2022


This week, we'll cover newly disclosed OpenJDK vulnerabilities, a heap overflow vulnerability in Redis, and an arbitrary PHP code execution vulnerability in Drupal core.

OpenJDK Vulnerabilities

OpenJDK published a security advisory last week covering four vulnerabilities.

CVE-2022-21541 is a difficult-to-exploit vulnerability in the hotspot/runtime component. It allows an unauthenticated attacker with network access via multiple protocols to compromise Java, which can result in unauthorized creation, deletion, or modification access to critical data, or to all OpenJDK-accessible data.

CVE-2022-21540 is in the hotspot/compiler component. It is an easily exploitable flaw that allows an unauthenticated attacker with network access via multiple protocols to gain unauthorized read access to a subset of OpenJDK-accessible data. This CVE has only a low impact on data confidentiality.

CVE-2022-21549, in the core-libs/java.util component, can result in unauthorized update, insert, or delete access to some OpenJDK-accessible data.

Note: All three vulnerabilities apply to Java deployments, typically clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. They can also be exploited by supplying data to the APIs in the specified component, e.g., through a web service that passes data to those APIs.

CVE-2022-34169 is an integer truncation issue in the Apache Xalan Java XSLT library. Because the JDK ships a copy of Xalan as its internal XSLT implementation, this affects OpenJDK as well: a crafted stylesheet can corrupt the Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

Heap Overflow in Redis

Redis is often referred to as a data structures server. What this means is that Redis provides access to mutable data structures via a set of commands, which are sent using a server-client model with TCP sockets and a simple protocol. So different processes can query and modify the same data structures in a shared way.

There is a heap overflow condition that can be triggered by an out-of-bounds write via a specially crafted XAUTOCLAIM command on a stream key in a specific state, potentially leading to remote code execution. CVE-2022-31144 affects Redis versions 7.0.0 and newer. The problem is fixed in Redis 7.0.4. Exploitation requires the ability to send commands to the server, so the usual hardening (no unauthenticated exposure, requirepass or ACL users) limits who can reach it; if you cannot patch immediately, the Redis advisory suggests denying the XAUTOCLAIM command through ACLs as a workaround.
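The "simple protocol" mentioned above is RESP: a client command is an array of bulk strings, and a reply is one of a handful of framed types. The following is an added example (not code from Redis or from the original digest) of a minimal RESP encoder and reply parser in Python. It encodes an ordinary, benign XAUTOCLAIM invocation to show what such a command looks like on the wire, and parses a constructed INFO reply to pull out redis_version; the stream, group and consumer names and the INFO payload are all made up for the example.

```python
"""Minimal RESP (REdis Serialization Protocol) encoder and decoder.

Added illustration, not code from Redis or from the original digest.
The sample reply at the bottom is constructed, not captured from a live
server, and the XAUTOCLAIM arguments are placeholders.
"""

CRLF = b"\r\n"


class RedisError(Exception):
    """Carries a '-ERR ...' style error reply as a Python value."""


def encode_command(*args) -> bytes:
    """Encode a command and its arguments as a RESP array of bulk strings.

    This framing is all a client needs to talk to redis-server over TCP.
    """
    parts = [b"*%d%s" % (len(args), CRLF)]
    for arg in args:
        data = arg if isinstance(arg, bytes) else str(arg).encode()
        parts.append(b"$%d%s%s%s" % (len(data), CRLF, data, CRLF))
    return b"".join(parts)


def parse_reply(buf: bytes, pos: int = 0):
    """Parse one RESP reply starting at buf[pos]; return (value, next_pos).

    Types: + simple string, - error, : integer, $ bulk string, * array.
    Length prefixes are checked against the buffer before slicing, so a
    truncated or lying length raises ValueError instead of being trusted.
    """
    if pos >= len(buf):
        raise ValueError("truncated reply")
    kind = buf[pos:pos + 1]
    end = buf.find(CRLF, pos + 1)
    if end < 0:
        raise ValueError("missing CRLF")
    line = buf[pos + 1:end]
    nxt = end + 2
    if kind == b"+":
        return line.decode(), nxt
    if kind == b"-":
        return RedisError(line.decode()), nxt
    if kind == b":":
        return int(line), nxt
    if kind == b"$":
        n = int(line)
        if n == -1:                      # null bulk string
            return None, nxt
        if n < 0 or nxt + n + 2 > len(buf) or buf[nxt + n:nxt + n + 2] != CRLF:
            raise ValueError("bad bulk string length")
        return buf[nxt:nxt + n], nxt + n + 2
    if kind == b"*":
        n = int(line)
        if n == -1:                      # null array
            return None, nxt
        items = []
        for _ in range(n):
            item, nxt = parse_reply(buf, nxt)
            items.append(item)
        return items, nxt
    raise ValueError("unknown RESP type %r" % kind)


def redis_version_from_info(info: bytes) -> str:
    """Pull redis_version out of an INFO server payload (a bulk string)."""
    for line in info.decode().splitlines():
        if line.startswith("redis_version:"):
            return line.split(":", 1)[1].strip()
    raise ValueError("redis_version not found")


# Constructed sample data for the example (placeholder names, not a real capture).
XAUTOCLAIM_WIRE = encode_command(
    "XAUTOCLAIM", "mystream", "mygroup", "consumer1", 3600000, "0-0", "COUNT", 25
)
INFO_PAYLOAD = b"# Server\r\nredis_version:7.0.2\r\nredis_mode:standalone\r\n"
INFO_REPLY = b"$%d\r\n%s\r\n" % (len(INFO_PAYLOAD), INFO_PAYLOAD)

if __name__ == "__main__":
    print(XAUTOCLAIM_WIRE)
    print(redis_version_from_info(parse_reply(INFO_REPLY)[0]))
```

The length checks in the bulk-string branch are the part worth copying: a parser that trusts `$n` and slices blindly is exactly the kind of code that turns a malformed frame into an out-of-bounds access.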

Drupal Core – Arbitrary PHP Code Execution Vulnerability

Drupal has released four advisories describing four distinct vulnerabilities. One of them is rated "critical" and the other three "moderately critical." The critical vulnerability, tracked as CVE-2022-25277, affects Drupal 9.3 and 9.4. It is in Drupal core and can lead to arbitrary PHP code execution on Apache web servers via the upload of specially crafted files: the filename sanitization that guards against uploading server configuration files did not work correctly together with the dangerous-extension sanitization, so on a site configured to allow uploads with an htaccess extension a crafted filename could bypass the protections that Drupal core's default .htaccess files provide.

The remaining three are moderately critical according to Drupal.

CVE-2022-25276 could lead to cross-site scripting, leaked cookies, or other vulnerabilities, because the Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain.

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. CVE-2022-25278 could lead to a user being able to alter data they should not have access to.

CVE-2022-25275 arises in some situations where the Image module does not correctly check access to image files that are not stored in the standard public files directory when generating derivative images using the image styles system.

Upgrade to Drupal 9.4.3 or 9.3.19 to apply the patches for these vulnerabilities. Note: All versions of Drupal 9 prior to 9.3.x are end-of-life and do not receive security coverage, and Drupal 8 has reached its end of life. Drupal 7 core is not affected.
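To turn the version guidance in the Redis and Drupal sections into something that can be run across a fleet rather than eyeballed, here is an added example (not code from Redis, Drupal or the original digest) that encodes the affected and fixed versions stated above and classifies an installed version. It accepts bare version strings as well as lines of the form printed by `redis-server --version` or `drush status`. The OpenJDK advisory is left out because this page does not list fixed builds for it, and the sample version strings are constructed.

```python
"""Version triage for the advisories in this digest.

Added example, not code from Redis, Drupal or the original page. Ranges
come from the text above: Redis 7.0.0 up to (not including) 7.0.4 for
CVE-2022-31144; Drupal 9.3.x before 9.3.19 and 9.4.x before 9.4.3 for the
four Drupal CVEs; Drupal 8 and Drupal 9 before 9.3 are end-of-life; Drupal 7
core is not affected.
"""
import re
from typing import Tuple

Version = Tuple[int, int, int]

# (product, first affected [inclusive], first fixed [exclusive], what it fixes)
ADVISORIES = [
    ("redis", (7, 0, 0), (7, 0, 4), "CVE-2022-31144 (XAUTOCLAIM heap overflow)"),
    ("drupal", (9, 4, 0), (9, 4, 3), "CVE-2022-25275/25276/25277/25278"),
    ("drupal", (9, 3, 0), (9, 3, 19), "CVE-2022-25275/25276/25277/25278"),
]

# x.y or x.y.z anywhere in the text; Drupal 7 uses two components (e.g. 7.91).
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b")


def parse_version(text: str) -> Version:
    """Extract the first version triple from free-form tool output.

    Handles '7.0.2', 'Redis server v=7.0.2 sha=00000000:0 ...',
    'Drupal version : 9.3.18' and two-part versions such as '7.91'
    (padded to three components so tuples compare cleanly).
    """
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    parts = [int(g) for g in m.groups() if g is not None]
    while len(parts) < 3:
        parts.append(0)
    return (parts[0], parts[1], parts[2])


def fmt(v: Version) -> str:
    return ".".join(str(p) for p in v)


def triage(product: str, text: str) -> str:
    """Classify an installed version against this digest's advisories."""
    v = parse_version(text)
    if product == "drupal":
        # Drupal 7 core is not affected; Drupal 8 and 9.x before 9.3 are
        # end-of-life and receive no security coverage at all.
        if v[0] == 7:
            return "not affected"
        if v[0] == 8 or (v[0] == 9 and v[1] < 3):
            return (f"end-of-life ({fmt(v)}): no security coverage, "
                    f"upgrade to a supported 9.3/9.4 release")
    for prod, first, fixed, what in ADVISORIES:
        if prod == product and first <= v < fixed:
            return f"affected by {what}: upgrade {fmt(v)} -> {fmt(fixed)}"
    return f"{fmt(v)} is not in an affected range listed in this digest"


if __name__ == "__main__":
    # Constructed sample inputs, not captured from real hosts.
    for product, text in [
        ("redis", "Redis server v=7.0.2 sha=00000000:0 malloc=jemalloc-5.2.1 bits=64"),
        ("redis", "6.2.7"),
        ("drupal", "Drupal version : 9.3.18"),
        ("drupal", "9.2.10"),
        ("drupal", "7.91"),
    ]:
        print(f"{product:6} {text!r:70} -> {triage(product, text)}")
```

The "not in an affected range listed in this digest" result deliberately does not say "safe": a version outside these ranges may still be affected by advisories this page does not cover.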
