CVSS: 8.0EPSS: 0%CPEs: 36EXPL: 0CVE-2024-31081 – Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice
https://notcve.org/view.php?id=CVE-2024-31081
04 Apr 2024 — A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a c... • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-126: Buffer Over-read •
CVSS: 8.0EPSS: 0%CPEs: 37EXPL: 0CVE-2024-31080 – Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
https://notcve.org/view.php?id=CVE-2024-31080
04 Apr 2024 — A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a c... • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 16EXPL: 0CVE-2024-0075
https://notcve.org/view.php?id=CVE-2024-0075
27 Mar 2024 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. NVIDIA GPU Display Driver para Windows y Linux contiene una vulnerabilidad en la que un usuario puede provocar una desreferencia de puntero NULL al acceder a parámetros pasados cuya validez no se ha verifi... • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 0CVE-2024-0074
https://notcve.org/view.php?id=CVE-2024-0074
27 Mar 2024 — NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. NVIDIA GPU Display Driver para Linux contiene una vulnerabilidad en la que un atacante puede acceder a una ubicación de memoria después del final del búfer. Una explotación exitosa de esta vulnerabilidad puede provocar denegación de servicio y manipulación de datos. • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 6.2EPSS: 0%CPEs: 19EXPL: 2CVE-2024-28085 – util-linux wall Escape Sequence Injection
https://notcve.org/view.php?id=CVE-2024-28085
27 Mar 2024 — wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. wall en util-linux hasta 2.40, a menudo instalado con permisos setgid tty, permite enviar secuencias de escape a terminales de otros usuarios a través de argv. (Espe... • https://github.com/skyler-ferrante/CVE-2024-28085 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 6.2EPSS: 0%CPEs: 24EXPL: 0CVE-2024-2494 – Libvirt: negative g_new0 length can lead to unbounded memory allocation
https://notcve.org/view.php?id=CVE-2024-2494
21 Mar 2024 — A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. Se encontró una falla en las API de la librería RPC de libvi... • https://access.redhat.com/errata/RHSA-2024:2560 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 0CVE-2024-28834 – Gnutls: vulnerable to minerva side-channel information leak
https://notcve.org/view.php?id=CVE-2024-28834
21 Mar 2024 — A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. Se encontró una falla en GnuTLS. El ataque Minerva es una vulnerabilidad criptográfica que explota el comportamiento determinista en sistemas ... • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-28835 – Gnutls: potential crash during chain building/verification
https://notcve.org/view.php?id=CVE-2024-28835
21 Mar 2024 — A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. Se ha descubierto una falla en GnuTLS donde se puede inducir una falla de la aplicación al intentar verificar un paquete .pem especialmente manipulado usando el comando "certtool --verify-chain". • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-248: Uncaught Exception •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-46839 – pci: phantom functions assigned to incorrect contexts
https://notcve.org/view.php?id=CVE-2023-46839
20 Mar 2024 — PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context setup, but failure to setup the context is not fatal when the device is assigned. Not failing device assignment when such failure happens can lead to the primary device being assigned to a guest, while some of the ... • https://xenbits.xenproject.org/xsa/advisory-449.html •
CVSS: 8.6EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1753 – Buildah: full container escape at build time
https://notcve.org/view.php?id=CVE-2024-1753
18 Mar 2024 — A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. Se encontró una fa... • https://access.redhat.com/errata/RHSA-2024:2049 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management •