
Ubuntu Security Podcast

Episode 123

9 min • 9 July 2021

Overview

Is npm audit more harm than good? Plus this week we look at security updates for DjVuLibre, libuv, PHP and more.

This week in Ubuntu Security Updates

8 unique CVEs addressed

[USN-4905-2] X.Org X Server vulnerability [00:42]

  • 1 CVE addressed in Trusty ESM (14.04 ESM)
  • Episode 112 - Local user (X client) could crash the server via the XInput extension and a ChangeFeedbackControl request - integer underflow -> heap buffer overflow

[USN-5005-1] DjVuLibre vulnerability [01:26]

  • 1 CVE addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
  • OOB write via crafted djvu file -> crash -> DoS, RCE

[USN-5007-1] libuv vulnerability [01:53]

  • 1 CVE addressed in Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • Async event handling library - used by nodejs and others - supports async handling of TCP/UDP sockets, DNS resolution, file system operations etc
  • OOB read when converting strings to ASCII -> can be triggered via calls to uv_getaddrinfo(), which are made by clients that handle TCP/UDP sockets asynchronously (i.e. nodejs, Julia, BIND etc)

[USN-5006-1] PHP vulnerabilities [03:04]

  • 5 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • UAF in PHAR archive handling - generally these are trusted so low impact
  • Mishandling of URLs with embedded passwords - unspecified impact, but could misparse the URL and cause unwanted behaviour
  • Mishandling of XML when processing SOAP server responses -> NULL ptr deref (so a malicious server could trigger a crash) -> DoS
  • Ability to bypass Server Side Request Forgery (SSRF) protections in FILTER_VALIDATE_URL
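The FILTER_VALIDATE_URL item above is a reminder that a syntactic URL check is not an SSRF control on its own. The following is an added example (not code from the podcast, from Ubuntu, or from PHP itself) of the layered check an application should do before making an outbound request: validate syntax, restrict the scheme, refuse embedded credentials (compare the "URLs with embedded passwords" item), resolve the host and reject private, loopback and reserved addresses. The helper names `is_safe_outbound_url` and `is_public_ip` and the sample URLs are constructed for this example.

```php
<?php
// Added example: defence-in-depth URL validation before an outbound fetch.
// FILTER_VALIDATE_URL only checks syntax; the SSRF decision also needs the
// scheme, the credentials part and the resolved addresses.
// Helper names are hypothetical, not part of PHP's API.

function is_public_ip(string $ip): bool
{
    // FILTER_FLAG_NO_PRIV_RANGE rejects RFC 1918 / fc00::/7 space,
    // FILTER_FLAG_NO_RES_RANGE rejects loopback, link-local and other
    // reserved blocks (IPv4 and IPv6).
    return filter_var(
        $ip,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    ) !== false;
}

function is_safe_outbound_url(string $url, array $allowedSchemes = ['http', 'https']): bool
{
    // Step 1: syntactic check. Necessary, but not sufficient on its own.
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return false;
    }

    $parts = parse_url($url);
    if ($parts === false || empty($parts['host'])) {
        return false;
    }

    // Step 2: only plain web schemes; no file://, gopher://, ftp:// and so on.
    if (!in_array(strtolower($parts['scheme'] ?? ''), $allowedSchemes, true)) {
        return false;
    }

    // Step 3: refuse embedded credentials; different URL parsers disagree
    // about where the userinfo ends and the host begins.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false;
    }

    // Step 4: resolve the host and check every address. A literal IP
    // (IPv4 or bracketed IPv6) is checked directly.
    $host = strtolower(trim($parts['host'], '[]'));
    $addresses = filter_var($host, FILTER_VALIDATE_IP) !== false
        ? [$host]
        : (gethostbynamel($host) ?: []);   // IPv4 A records only, see note
    if ($addresses === []) {
        return false;                       // unresolvable host: fail closed
    }
    foreach ($addresses as $ip) {
        if (!is_public_ip($ip)) {
            return false;
        }
    }
    return true;
}

// Constructed sample inputs for a manual run.
$samples = [
    'https://example.com/report',   // public host: allowed if it resolves publicly
    'http://127.0.0.1:8080/admin',   // loopback: rejected
    'http://[::1]/',                 // IPv6 loopback: rejected
    'http://169.254.1.1/',           // link-local: rejected
    'file:///etc/passwd',            // no host / scheme not allowed: rejected
    'http://user:pw@example.com/',   // embedded credentials: rejected
];
foreach ($samples as $s) {
    printf("%-32s %s\n", $s, is_safe_outbound_url($s) ? 'allowed' : 'rejected');
}
```

Two caveats a practitioner would want: `gethostbynamel()` returns only A records, so a complete check also resolves AAAA records (for example with `dns_get_record($host, DNS_AAAA)`) and tests those addresses; and the check is a time-of-check/time-of-use gap unless the resolved address is pinned for the real request (for example via curl's `CURLOPT_RESOLVE`), otherwise a hostname that resolves differently the second time bypasses it.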

Goings on in Ubuntu Security Community

npm audit broken by design? [04:13]

Ubuntu Security Podcast on break for next 2 weeks [07:56]

Get in contact
