
Episode 123

Ubuntu Security Podcast

English - July 09, 2021 04:18 - 8 minutes - 6.88 MB


Is npm audit more harm than good? Plus this week we look at security
updates for DjVuLibre, libuv, PHP and more.

Overview



This week in Ubuntu Security Updates

8 unique CVEs addressed


[USN-4905-2] X.Org X Server vulnerability [00:42]

1 CVE addressed in Trusty ESM (14.04 ESM)

CVE-2021-3472

Episode 112 - a local user (X client) could crash the server via the Xinput
extension's ChangeFeedbackControl request - integer underflow -> heap
buffer overflow

[USN-5005-1] DjVuLibre vulnerability [01:26]

1 CVE addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)

CVE-2021-3630

OOB write via a crafted DjVu file -> crash -> DoS, possible RCE

[USN-5007-1] libuv vulnerability [01:53]

1 CVE addressed in Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)

CVE-2021-22918

Async event handling library - used by nodejs and others - supports async
handling of TCP/UDP sockets, DNS resolution, file system operations etc
OOB read when converting strings to ASCII -> can be triggered via calls
to uv_getaddrinfo(), which are made by clients that handle TCP/UDP sockets
asynchronously (ie nodejs, Julia, BIND etc)

[USN-5006-1] PHP vulnerabilities [03:04]

5 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)

CVE-2021-21705
CVE-2021-21704
CVE-2021-21702
CVE-2020-7071
CVE-2020-7068

UAF in PHAR archive handling - generally these are trusted so low impact
Mishandling of URLs with embedded passwords - unspecified impact, but
could misparse the URL and cause unwanted behaviour
Mishandling of XML when processing SOAP server responses -> NULL ptr
deref (so a malicious server could trigger a crash) -> DoS
Ability to bypass Server Side Request Forgery (SSRF) protections in
FILTER_VALIDATE_URL

Goings on in Ubuntu Security Community
npm audit broken by design? [04:13]

https://overreacted.io/npm-audit-broken-by-design/

Ubuntu Security Podcast on break for next 2 weeks [07:56]
Get in contact

[email protected]
#ubuntu-security on the Libera.Chat IRC network
ubuntu-hardened mailing list
Security section on discourse.ubuntu.com
@ubuntu_sec on twitter