The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
Below are the descriptions for these vulnerabilities:
The CVE-2016-3714 flaw (aka “ImageTragick”) in the popular image manipulation software ImageMagick could allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image. Attackers can exploit the flaw to take over websites running the widely used image-enhancing app. The vulnerability allows attackers to run arbitrary code on targeted web servers that rely on ImageMagick for resizing or cropping user-uploaded images.
The CVE-2017-1000253 flaw was discovered by researchers with Qualys Research Labs and affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. Attackers can exploit the vulnerability to escalate privileges. The issue resides in the way the kernel loads ELF executables and is triggered by applications that have been built as Position Independent Executables (PIEs).
“A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application’s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption.” reads the advisory published on Red Hat. “An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.”
Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix these vulnerabilities by September 30, 2024.
Pierluigi Paganini
(SecurityAffairs – hacking, CISA)