It’s release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker.io and more.
58 unique CVEs addressed
FileNameUtils.normalize()- should remove relative path components like
../but if contained leading double-slashes this would fail - and the original path would be returned without alteration - so could then possibly get relative directory traversal to the parent directory depending on how this returned value was used.
io_uring(5.1) - unprivileged user - trigger free of other kernel memory - code execution
docker cp- could craft a container image that would result in
docker cpmaking changes to existing files on the host filesystem - doesn’t actually allow to read/modify or execute files on the host but could make them readable/change perms etc and expose info on the host