GNU / Linux Threats and Vulnerabilities: Know Your Enemy!


There is a quote from Sun Tzu (general, military strategist and philosopher of ancient China) that says: "If you know the enemy and you know yourself, you should not fear the result of hundreds of battles. If you know yourself, but not the enemy, for every victory you win you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle."

From this phrase we can conclude that knowing our own weaknesses and those of our adversaries is what leads us to victory or to defeat. Extrapolating this to computing, GNU / Linux, today's hacker groups and computer attacks, it is more than clear that we must know in detail both our free and open operating systems and the vulnerabilities that third parties can exploit, in order to mitigate the risk of such attacks.


Since we recently published an entry on this same topic of computer security and cybersecurity on GNU / Linux, we recommend exploring it. We leave the link below so that it can easily be consulted after reading this publication:

"An «APT Attack» or Advanced Persistent Threat can be described as an organized and complex attack aimed at gaining prolonged access to a computer system by an unauthorized person or group. For this reason, its main objective is usually the theft of data in a massive way or the supervision (monitoring) of the activity of the attacked computer network." APT Attack: Advanced Persistent Threats Can They Affect Linux?

Related articles:

  • APT Attack: Advanced Persistent Threats Can They Affect Linux?
  • Computer Security Tips for Everyone Anytime, Anywhere
  • Viruses in GNU / Linux: Fact or Myth?

Top 2021 Threats and Vulnerabilities for GNU / Linux


About Threats and Computer Vulnerabilities

Before going fully into the featured computer threats and vulnerabilities of 2021 for GNU / Linux, we will briefly make clear what each of them is and how the two differ. For this, we will cite the explanation of the National Institute of Cybersecurity (INCIBE) of Spain:

  • A vulnerability (in computing terms) is a weakness or failure in an information system that puts the security of the information at risk and may allow an attacker to compromise its integrity, availability or confidentiality, so it is necessary to find and eliminate them as soon as possible. These "holes" can have different origins, for example: design flaws, configuration errors or lack of procedures.
  • For its part, a threat is any action that takes advantage of a vulnerability to undermine the security of an information system. In other words, it could have a potential negative effect on some element of our systems. Threats can come from attacks (fraud, theft, viruses), physical events (fire, flood) or negligence and institutional decisions (bad password management, not using encryption). From the point of view of an organization they can be both internal and external.

"Therefore, vulnerabilities are the conditions and characteristics of an organization's systems that make it susceptible to threats. The problem is that in the real world, if there is a vulnerability, there will always be someone who will try to exploit it, that is, take advantage of its existence." Threat vs Vulnerability, do you know how they differ?

Trend Micro Linux 2021-1H Threat Report

Now, going fully into the topic at hand, it is worth highlighting what Trend Micro states in its current Linux Threat Report 2021-1H:

"Linux is considered by many to be a unique operating system for its stability, flexibility, and open source nature. Its stellar reputation is backed by its many notable achievements in recent years.

For example, 100% of the world's top 500 supercomputers run Linux, and 50.5% of the world's top 1,000 websites use it, according to a survey by W3Techs. Linux dominates the cloud, running on 90% of public cloud workloads in 2017. Linux also has unique support for the highest price / performance cloud workloads using Advanced RISC Machines (ARM) processors, like the AWS Graviton.

And furthermore, it runs on 96.3% of the world's top XNUMX million web servers. Linux also powers smart watches, high-speed trains, and even the world's top space programs. Linux is powerful, universal, and reliable, but it is not without its flaws; like other operating systems, it remains susceptible to attack."

Top 15: Vulnerabilities to hack Linux Operating Systems

According to that company's report, these are the 15 main vulnerabilities that current GNU / Linux operating systems online can face:

CVE-2017-5638

  • Description: Vulnerability in the Jakarta Multipart parser in Apache Struts
  • CVSS score: 10.0 - Critical / High
  • Details: In English / In Spanish

CVE-2017-9805

  • Description: Vulnerability in the REST Plugin in Apache
  • CVSS score: 8.1 - High / Medium
  • Details: In English / In Spanish

CVE-2018-7600

  • Description: Vulnerability in Drupal
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2020-14750

  • Description: Vulnerability in Oracle WebLogic Server product from Oracle Fusion Middleware
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2020-25213

  • Description: Vulnerability in WordPress File Manager plugin (wp-file-manager)
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2020-17496

  • Description: Vulnerability in the subWidgets data in an ajax request in vBulletin
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2020-11651

  • Description: Vulnerability in an installation of an ansible-galaxy collection in ansible-engine
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2017-12611

  • Description: Vulnerability in Apache Struts in versions 2.0.0 / 2.3.33 and versions 2.5 / 2.5.10.1
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2017-7657

  • Description: Vulnerability in Eclipse Jetty, in versions 9.2.x and earlier, versions 9.3.x / 9.4.x
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2021-29441

  • Description: Vulnerability in authentication (-Dnacos.core.auth.enabled=true) in Nacos
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2020-14179

  • Description: Information Disclosure Vulnerability in Atlassian Jira
  • CVSS score: 5.3 - Medium
  • Details: In English / In Spanish

CVE-2013-4547

  • Description: Vulnerability in handling Nginx URI strings and access restrictions
  • CVSS score: 7.5 - High
  • Details: In English / In Spanish

CVE-2019-0230

  • Description: Vulnerability in OGNL evaluation in Apache Struts tag attributes
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

CVE-2018-11776

  • Description: RCE vulnerability in Apache Struts OGNL expression
  • CVSS score: 8.1 - High
  • Details: In English / In Spanish

CVE-2020-7961

  • Description: Liferay Portal Untrusted Deserialization Vulnerability
  • CVSS score: 9.8 - Critical / High
  • Details: In English / In Spanish

More information on other vulnerabilities

For more information on other vulnerabilities, you can go directly to the following vulnerability databases:

  1. National Vulnerability Database (USA)
  2. National Vulnerability Database (Spain)
  3. Global Vulnerability Database (World)
  4. Trend Micro Attack Encyclopedia


Summary

In summary, "threats and vulnerabilities" are the basis of increasingly frequent attacks today, and therefore no effort should be spared in implementing every security measure on GNU / Linux and other operating systems to avoid or mitigate them. In that direction, it is vital to know in depth all past and current vulnerabilities, and those that may arise every day, so that the necessary corrections can be started as soon as possible.

We hope that this publication will be very useful for the entire «Free Software and Open Source Community» and a great contribution to the improvement, growth and diffusion of the ecosystem of applications available for «GNU/Linux». Do not hesitate to share it with others on your favorite websites, channels, groups or communities on social networks or messaging systems. Finally, visit our home page at «DesdeLinux» to explore more news, and join our official DesdeLinux Telegram channel.



  1.   Paul Cormier CEO Red Hat, Inc. said

    It is the advantage of open source, that these vulnerabilities are discovered…. An operating system that I love is Fedora Silverblue, completely immutable ... it would be interesting to do a review of that OS
    A hug, excellent article. Greetings from Colombia

    1.    Linux PostInstall said

      Greetings, Paul. Thank you for your comment and yes, we will soon make a post about that Distro. Thanks for the suggestion.

      1.    Paul Cormier CEO Red Hat, Inc. said

        I would like ... I am an avid reader of this website. Since I started on "linux" in 2014 I have not stopped visiting it ...
        The Fedora Silverblue review would be interesting, as there is little information about it, there are also few videos on YouTube and the explanations there are for people with advanced knowledge. Although obviously Silverblue has more way to go
        Greetings and thanks