Rewterz Threat Advisory – Multiple Apache Log4j Vulnerabilities

January 19, 2022

Rewterz Threat Advisory – Windows emergency out-of-band (OOB) updates for Win Server

January 19, 2022

Rewterz Threat Advisory – CVE-2022-0185 – Linux Kernel Vulnerability

January 19, 2022

Severity

High

Analysis Summary

CVE-2022-0185

Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a heap-based buffer overflow in the legacy_parse_param function in fs_context.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root to execute arbitrary code on the system.

Impact

Privilege Escalation

Affected Vendors

Linux

Affected Products

Linux Kernel 5.1
Linux Kernel 5.2
Linux Kernel 5.3
Linux Kernel 5.4

Remediation

Refer to Linux Kernel Advisory for patch, upgrade, or suggested workaround information.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de29310e8aa03fcbdb41fc92c521756

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Apache Log4j Vulnerabilities

Rewterz Threat Advisory – Windows emergency out-of-band (OOB) updates for Win Server

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.