Rewterz Threat Advisory – CVE-2021-3847 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2021-42340 – Apache Tomcat Vulnerability

October 15, 2021

Rewterz Threat Alert – LokiBot Malware – Active IOCs

October 18, 2021

Rewterz Threat Advisory – CVE-2021-3847 – Linux Kernel Vulnerability

Severity

High

Analysis Summary

CVE-2021-3847

Linux Kernel could allow a locally authenticated attacker to gain elevated privileges on the system, caused by a flaw in the OverlayFS. By sending a specially-crafted request using the copy_up function, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root.

Impact

Privilege Escalation

Affected Vendors

Linux

Affected Products

Linux Kernel

Remediation

Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Web site.

https://www.kernel.org/

Rewterz Threat Advisory – CVE-2021-42340 – Apache Tomcat Vulnerability

Rewterz Threat Alert – LokiBot Malware – Active IOCs

Rewterz Threat Advisory – CVE-2021-3847 – Linux Kernel Vulnerability

Severity

Analysis Summary

CVE-2021-3847

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan