Rewterz Threat Alert – TraderTraitor APT – Targeting Blockchain Companies – Active IOCs

April 28, 2022

Rewterz Threat Advisory – Multiple Apache Vulnerabilities

April 28, 2022

Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities

April 28, 2022

Severity

High

Analysis Summary

CVE-2022-29800, CVSS: 7

Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a TOCTOU race condition flaw in the networkd-dispatcher daemon in the systed component. By sending a specially-crafted request using a rogue D-Bus service, an authenticated attacker could exploit this vulnerability to execute arbitrary code with root privileges.

CVE-2022-29799, CVSS: 7.8

Linux Kernel could allow a local authenticated attacker to traverse directories on the system, caused by not sanitize the OperationalState or the AdministrativeState in the networkd-dispatcher daemon in the systemd component. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to write arbitrary files on the system.

Impact

Privilege Escalation
File Encryption
Obtain Information

Indicators Of Compromise

CVE

CVE-2022-29800
CVE-2022-29799

Affected Vendors

Linux

Affected Products

Linux Kernel

Remediation

Refer to Linux Kernel GIT Repository for the patch, upgrade, or suggested workaround information.

CVE-2022-29800

CVE-2022-29799

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-6554 – Google Chrome Vulnerability

Multiple D-Link Products Vulnerabilities

Multiple GitLab Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – TraderTraitor APT – Targeting Blockchain Companies – Active IOCs

Rewterz Threat Advisory – Multiple Apache Vulnerabilities