CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41007 – tcp: avoid too many retransmit packets
https://notcve.org/view.php?id=CVE-2024-41007
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp: evitar demasiados paquetes de retransmisión Si un socket TCP está usando TCP_USER_TIMEOUT y el otro par retrajo su ventana a cero, tcp_retransmit_timer() puede retransmitir un paquete cada dos santiamén (2 ms). para HZ=1000), durante aproximadamente 4 minutos después de que TCP_USER_TIMEOUT haya 'expirado'. • https://git.kernel.org/stable/c/b701a99e431db784714c32fc6b68123045714679 https://git.kernel.org/stable/c/7bb7670f92bfbd05fc41a8f9a8f358b7ffed65f4 https://git.kernel.org/stable/c/d2346fca5bed130dc712f276ac63450201d52969 https://git.kernel.org/stable/c/5d7e64d70a11d988553a08239c810a658e841982 https://git.kernel.org/stable/c/04317a2471c2f637b4c49cbd0e9c0d04a519f570 https://git.kernel.org/stable/c/e113cddefa27bbf5a79f72387b8fbd432a61a466 https://git.kernel.org/stable/c/dfcdd7f89e401d2c6616be90c76c2fac3fa98fde https://git.kernel.org/stable/c/66cb64a1d2239cd0309f9b5038b054625 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52885 – SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
https://notcve.org/view.php?id=CVE-2023-52885
Reproducir mediante dos tareas: 1. while:; hacer rpc.nfsd 0; rpc.nfsd; hecho 2. mientras:; hacer eco "" | ncat -4 127.0.0.1 2049; Informe KASAN hecho: ================================================= ==================== ERROR: KASAN: slab-use-after-free en svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Lectura de tamaño 8 en la dirección ffff888139d96228 por tarea nc /102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Nombre de hardware: VMware, Inc. • https://git.kernel.org/stable/c/fa9251afc33c81606d70cfe91800a779096442ec https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428 https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254 https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065 https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-39329 – Openjpeg: resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c
https://notcve.org/view.php?id=CVE-2023-39329
A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service. • https://access.redhat.com/security/cve/CVE-2023-39329 https://bugzilla.redhat.com/show_bug.cgi?id=2295816 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6396 – Arbitrary File Overwrite and Data Exfiltration in aimhubio/aim
https://notcve.org/view.php?id=CVE-2024-6396
This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution. • https://huntr.com/bounties/c1b17afd-4656-47bb-8310-686a9e1b04a0 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6468 – Vault Vulnerable to Denial of Service When Setting a Proxy Protocol Behavior
https://notcve.org/view.php?id=CVE-2024-6468
When receiving a request from a source IP address that was not listed in proxy_protocol_authorized_addrs, the Vault API server would shut down and no longer respond to any HTTP requests, potentially resulting in denial of service. While this bug also affected versions of Vault up to 1.17.1 and 1.16.5, a separate regression in those release series did not allow Vault operators to configure the deny_unauthorized option, thus not allowing the conditions for the denial of service to occur. Fixed in Vault and Vault Enterprise 1.17.2, 1.16.6, and 1.15.12. • https://discuss.hashicorp.com/t/hcsec-2024-14-vault-vulnerable-to-denial-of-service-when-setting-a-proxy-protocol-behavior/68518 • CWE-703: Improper Check or Handling of Exceptional Conditions •