USN-5219-1: Linux kernel vulnerability
11 JANUARY 2022

The system could be made to crash or run programs as an administrator.

Releases
Ubuntu 21.10 Ubuntu 21.04 Ubuntu 20.04 LTS

Details
It was discovered that the eBPF implementation in the Linux kernel did
not properly validate the memory size of certain ring buffer operation
arguments. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.

https://ubuntu.com/security/notices/USN-5219-1

DLA-2876-1 vim -- LTS security update

Date Reported: 10 Jan 2022
Affected Packages: vim

Description:
vim is vulnerable to Heap-based Buffer Overflow ...

CVE-2022-0158

https://www.debian.org/lts/security/2022/dla-2876

https://security-tracker.debian.org/tracker/CVE-2022-0158

Malware bancario explota la verificación de firma de Microsoft

https://unaaldia.hispasec.com/2022/01/malware-bancario-explota-la-verificacion-de-firma-de-microsoft.html

Microsoft January 2022 Patch Tuesday: Six zero-days, over 90 vulnerabilities fixed

https://www.zdnet.com/article/microsoft-january-2022-patch-tuesday-six-zero-days-over-90-vulnerabilities-fixed/

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/mozilla-releases-security-updates-firefox-firefox-esr-and

SAP Releases January 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/sap-releases-january-2022-security-updates

Microsoft Releases January 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/microsoft-releases-january-2022-security-updates

Samba Releases Security Update

The Samba Team has released a security update to address a vulnerability in multiple versions of Samba. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Samba Security Announcement CVE-2021-43566 and apply the necessary update.

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/samba-releases-security-update

Citrix Releases Security Update for Workspace App for Linux

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/citrix-releases-security-update-workspace-app-linux

Adobe Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/adobe-releases-security-updates-multiple-products

Múltiples vulnerabilidades en productos de TIBCO

Fecha de publicación: 12/01/2022
Importancia: 5 - Crítica

Recursos afectados:
TIBCO eFTL:
Community Edition, versión 6.7.2 y anteriores;
Developer Edition, versión 6.7.2 y anteriores;
Enterprise Edition, versión 6.7.2 y anteriores.
TIBCO FTL:
Community Edition, versión 6.7.2 y anteriores;
TIBCO FTL - Developer Edition, versión 6.7.2 y anteriores;
TIBCO FTL - Enterprise Edition, versión 6.7.2 y anteriores.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-tibco-3

Moodle e-learning platform patches session hijack bug that led to pre-auth RCE.

Researchers disclose second critical flaw in authentication plugin

https://portswigger.net/daily-swig/moodle-e-learning-platform-patches-session-hijack-bug-that-led-to-pre-auth-rce

Home routers with NetUSB support could have critical kernel hole.

Now that a patch has been circulated to vendors, researchers at Sentinel One have released details of a worrying bug in an IoT software driver called NetUSB.

https://nakedsecurity.sophos.com/2022/01/11/home-routers-with-netusb-support-could-have-critical-kernel-hole/

Detectadas múltiples vulnerabilidades en Microsoft Teams

https://unaaldia.hispasec.com/2022/01/detectadas-multiples-vulnerabilidades-en-microsoft-teams.html

Apple fixes doorLock bug that can disable iPhones and iPads

Apple has released security updates to address a persistent denial of service (DoS) dubbed doorLock that would altogether disable iPhones and iPads running HomeKit on iOS 14.7 and later.

https://www.bleepingcomputer.com/news/security/apple-fixes-doorlock-bug-that-can-disable-iphones-and-ipads/

SysJoker, a previously undetected cross-platform backdoor made the headlines

Security researchers found a new cross-platform backdoor, dubbed SysJoker, the is suspected to be the work of an APT group.

https://securityaffairs.co/wordpress/126656/malware/sysjoker-backdoor.html

New SysJoker Backdoor Targets Windows, Linux, and macOS

https://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker/

HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2022-21907

CVSS:3.1 9.8 / 8.5

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21907

Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability

Advisory ID: cisco-sa-ccmp-priv-esc-JzhTFLm4

First Published:2022 January 12 16:00 GMT

Cisco Bug IDs: CSCvz49473 CVE-2022-20658 CWE-602
CVSS Score:Base 9.6

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4

Juniper Networks Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/01/13/juniper-networks-releases-security-updates-multiple-products

Citrix Hypervisor Security Update

2022-01-12 Initial Publication

What Customers Should Do
Citrix has released hotfixes to address these issues. Citrix recommends that affected customers install these hotfixes as their patching schedule allows. The hotfixes can be downloaded from the following locations:
Citrix Hypervisor 8.2 CU1 LTSR: CTX338448 and CTX335882
Citrix Hypervisor 8.2: CTX338444 and CTX335880
Citrix XenServer 7.1 LTSR CU2: CTX335531 and CTX335881

https://support.citrix.com/article/CTX335432