LFS Security Advisories for LFS 10.1 and the current development books.

LFS-10.1 was released on 2021-03-01

This page is in alphabetical order of packages, and if a package has multiple advisories the newer come first.

The links at the end of each item point to fuller details which have links to the released books.

Binutils

10.1 080 Binutils Date: 2021-07-23 Severity: Moderate

Binutils before 2.37 is vulnerable to an arbitrary filesystem access, denial of service, and two arbitrary code execution vulnerabilities. These vulnerabilities have been rated between Low and Moderate by NVD. To fix these, update to Binutils-2.37 or later. See 10.1-080

Expat

10.1 052 Expat Date: 2021-05-29 Severity: Medium

Expat before 2.4.0 is vulnerable to Denial of Service ('billion laughs') attacks. The vulnerability was initially reported for versions up to 2.1, but protection has been strengthened in the 2.4.0 release: see 10.1-052

Glibc

10.1 098 (LFS) GLIBC Date: 2021-08-24 Severity: High

A vulnerability in the released version of glibc-2.34 has been discovered. It is remotely exploitable and can be used to crash programs linked to glibc. In the development book this unfixed vulnerability existed between 2021-08-02 and 2021-08-20; it was also in LFS-11.0-rc1. It has been fixed with a sed in the chapter 8 glibc build. For further details see 10.1-098

Linux Kernel

10.1 078 Linux Kernel (LFS) Date: 2021-07-20 Severity: High

In linux kernels from 3.16 to 5.13.3, a vulnerability in the filesystem layer can be exploited to gain root privileges. To fix this, update to linux-5.13.4 or later (or 5.10.52 or later for the stable series). See 10.1-078

10.1 062 Linux Kernel (LFS) Date: 2021-06-16 Severity: High

In Linux-5.12.10, several security vulnerabilities were fixed in the Bluetooth stack, the Xen stack, and the Wireless stack. The Bluetooth and Xen stack vulnerabilities allow local users to cause a kernel panic. The Wireless stack vulnerabilities allow remote attackers to exfiltrate data from a system, inject malicious packets and network frames into the stream, and decrypt packets sent from wireless cards. Additional fixes were made for issues in the ath10k and ath11k wireless drivers. For more information, see 10.1-062

10.1 054 Linux Kernel (LFS) Date: 2021-03-31 Severity: High

In Linux 5.12.7 and all earlier kernels back to 2.6.12 a "confused deputy" weakness exists, which makes it possible to trick another process (which may have different credentials) into writing to its own /proc/$pid/attr/ files, leading to unexpected and possibly exploitable behaviors. See 10.1-054

10.1 005 Linux Kernel (LFS) Date: 2021-03-15 Severity: Low

In Linux 5.11.3 or earlier there are vulnerabilities in the iSCSI subsystem which can lead to potential privilege escalation. See 10.1-005

OpenSSL

10.1 099 OpenSSL (LFS) Date: 2021-08-25 Severity: High

In OpenSSL-1.1.1l, two high severity security vulnerabilities were fixed that can cause applications linked to OpenSSL to crash on malicious inputs. Updating to OpenSSL-1.1.1l is suggested as soon as possible. 10.1-099.

10.1 011 OpenSSL (LFS) Date: 2021-03-26 Severity: Critical

In OpenSSL-1.1.1k, two high severity security vulnerabilities were fixed that can lead to a complete bypass of the CA Certificate Store checks, and also one that can lead to crashes for applications that use OpenSSL. Updating to OpenSSL-1.1.1k is suggested as soon as possible. 10.1-011.

Python 3

10.1 071 Python (LFS and BLFS) Date: 2021-07-09 Severity: Medium

In Python 3 before 3.9.6, a security vulnerability exists that could allow resource exhaustion due to an infinite loop in the http.client Python module. Update to Python-3.9.6 or later. 10.1-071

10.1 035 Python (LFS and BLFS) Date: 2021-04-29 Severity: High

In Python 3 before 3.9.4, 'pydoc' can be used to read arbitrary files, including those containing sensitive data. Update to Python-3.9.4 or later. 10.1-035

systemd

10.1 081 systemd (LFS and BLFS) Date: 2021-07-23 Severity: High

In systemd-220 and later, a security vulnerability exists that allows a local attacker to crash your system by mounting a FUSE filesystem containing a file path longer than 8 MB. The crash occurs when reading /proc/self/mountinfo, and manifests itself as a kernel panic due to PID1 (init) crashing. Because of the changes coming in LFS 11.0, updating to systemd-249 (with the patch) is not feasible. However, a patch has been created for LFS 10.1/systemd-247. See the advisory linked for more information. The patch replaces the current systemd-247-security_fix-1.patch. 10.1-081

10.1 072 systemd (LFS and BLFS) Date: 2021-07-09 Severity: Medium

In systemd-249, a security vulnerability was fixed that could allow a remote attacker to reconfigure the network on your system. Because of the changes coming in LFS 11.0, updating to systemd-249 is not feasible. However, a patch has been created for LFS 10.1/systemd-249. See the advisory linked for more information. 10.1-072