CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3677 – postgresql: memory disclosure in certain queries
https://notcve.org/view.php?id=CVE-2021-3677
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. • https://bugzilla.redhat.com/show_bug.cgi?id=2001857 https://security.gentoo.org/glsa/202211-04 https://security.netapp.com/advisory/ntap-20220407-0008 https://www.postgresql.org/support/security/CVE-2021-3677 https://access.redhat.com/security/cve/CVE-2021-3677 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.0EPSS: 0%CPEs: 68EXPL: 1CVE-2021-3609 – kernel: race condition in net/can/bcm.c leads to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-3609
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. Se ha encontrado un fallo en el protocolo de red CAN BCM en el kernel de Linux, donde un atacante local puede abusar de un fallo en el subsistema CAN para corromper la memoria, bloquear el sistema o escalar privilegios. Esta condición de carrera en el archivo net/can/bcm.c en el kernel de Linux permite una escalada de privilegios local a root A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1971651 https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463 https://security.netapp.com/advisory/ntap-20220419-0004 https://www.openwall.com/lists/oss-security/2021/06/19/1 https://access.redhat.com/security/cve/CVE-2021-3609 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 23CVE-2021-3560 – Red Hat Polkit Incorrect Authorization Vulnerability
https://notcve.org/view.php?id=CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha detectado que polkit podía ser engañado para omitir las comprobaciones de credenciales para las peticiones de D-Bus, elevando los privilegios del solicitante al usuario root. Este fallo podría ser usado por un atacante local no privilegiado para, por ejemplo, crear un nuevo administrador local. • https://www.exploit-db.com/exploits/50011 https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent https://github.com/hakivvi/CVE-2021-3560 https://github.com/WinMin/CVE-2021-3560 https://github.com/0dayNinja/CVE-2021-3560 https://github.com/AssassinUKG/Polkit-CVE-2021-3560 https://github.com/chenaotian/CVE-2021-3560 https://github.com/BizarreLove/CVE-2021-3560 https://github.com/cpu0x00/CVE-2021-3560&# • CWE-754: Improper Check for Unusual or Exceptional Conditions CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2021-3501 – kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run
https://notcve.org/view.php?id=CVE-2021-3501
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.12. El valor de internal.ndata, en la API de KVM, es asignado a un índice de matriz, que puede ser actualizado por un proceso de usuario en cualquier momento, lo que podría conllevar a una escritura fuera de límites. • https://bugzilla.redhat.com/show_bug.cgi?id=1950136 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a https://security.netapp.com/advisory/ntap-20210618-0008 https://access.redhat.com/security/cve/CVE-2021-3501 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20297 – NetworkManager: Profile with match.path setting triggers crash
https://notcve.org/view.php?id=CVE-2021-20297
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. Se encontró un fallo en NetworkManager en versiones anteriores a 1.30.0. Ajustando el archivo match.path y activando un perfil bloquea NetworkManager. • https://bugzilla.redhat.com/show_bug.cgi?id=1943282 https://access.redhat.com/security/cve/CVE-2021-20297 • CWE-20: Improper Input Validation •