CVE-2022-28656
https://notcve.org/view.php?id=CVE-2022-28656
is_closing_session() allows users to consume RAM in the Apport process is_closing_session() permite a los usuarios consumir RAM en el proceso de Apport • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28656 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-28657
https://notcve.org/view.php?id=CVE-2022-28657
Apport does not disable python crash handler before entering chroot Apport no desactiva el controlador de fallos de Python antes de ingresar a chroot • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28657 • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-28652
https://notcve.org/view.php?id=CVE-2022-28652
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack ~/.config/apport/settings el análisis es vulnerable al ataque de "billion laughs" • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28652 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVE-2022-28654
https://notcve.org/view.php?id=CVE-2022-28654
is_closing_session() allows users to fill up apport.log is_closing_session() permite a los usuarios completar apport.log • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28654 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-28655
https://notcve.org/view.php?id=CVE-2022-28655
is_closing_session() allows users to create arbitrary tcp dbus connections is_closing_session() permite a los usuarios crear conexiones tcp dbus arbitrarias • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28655 • CWE-770: Allocation of Resources Without Limits or Throttling •