CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 2CVE-2021-3744 – kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
https://notcve.org/view.php?id=CVE-2021-3744
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. Se ha encontrado un fallo de pérdida de memoria en el kernel de Linux en la función ccp_run_aes_gcm_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c, que permite a atacantes causar una denegación de servicio (consumo de memoria). Esta vulnerabilidad es similar a la anterior CVE-2019-18808 A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. • http://www.openwall.com/lists/oss-security/2021/09/14/1 https://bugzilla.redhat.com/show_bug.cgi?id=2000627 https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM https: • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20325 – httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5
https://notcve.org/view.php?id=CVE-2021-20325
Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. Una falta de correcciones para CVE-2021-40438 y CVE-2021-26691 en las versiones de httpd, tal y como se distribuyen en Red Hat Enterprise Linux versión 8.5.0, causa una regresión de seguridad en comparación con las versiones distribuidas en Red Hat Enterprise Linux versión 8.4. Un usuario que instale o actualice a Red Hat Enterprise Linux versión 8.5.0 sería vulnerable a los CVEs mencionados, incluso si fueron corregidos apropiadamente en Red Hat Enterprise Linux versión 8.4. • https://bugzilla.redhat.com/show_bug.cgi?id=2017321 https://access.redhat.com/security/cve/CVE-2021-20325 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-20269 – kexec-tools: incorrect permissions on kdump dmesg file
https://notcve.org/view.php?id=CVE-2021-20269
A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47. Se ha encontrado un fallo en los permisos de un archivo de registro creado por kexec-tools. • https://bugzilla.redhat.com/show_bug.cgi?id=1934261 https://access.redhat.com/security/cve/CVE-2021-20269 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3575 – openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-3575
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. Se encontró un desbordamiento de búfer en la región heap de la memoria en openjpeg en color.c:379:42 en sycc420_to_rgb cuando es descomprimido un archivo .j2k diseñado. Un atacante podría usar esto para ejecutar código arbitrario con los permisos de la aplicación compilada contra openjpeg A heap-based buffer overflow was found in OpenJPEG. This flaw allows an attacker to execute arbitrary code with the permissions of the application compiled against OpenJPEG. • https://bugzilla.redhat.com/show_bug.cgi?id=1957616 https://github.com/uclouvain/openjpeg/issues/1347 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP https://ubuntu.com/security/CVE-2021-3575 https://access.redhat.com/security/cve/CVE-2021-3575 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2021-3602 – buildah: Host environment variables leaked in build container when using chroot isolation
https://notcve.org/view.php?id=CVE-2021-3602
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). Se ha encontrado un fallo de divulgación de información en Buildah, cuando son construidos contenedores usando el aislamiento chroot. • https://bugzilla.redhat.com/show_bug.cgi?id=1969264 https://github.com/containers/buildah/commit/a468ce0ffd347035d53ee0e26c205ef604097fb0 https://github.com/containers/buildah/security/advisories/GHSA-7638-r9r3-rmjj https://ubuntu.com/security/CVE-2021-3602 https://access.redhat.com/security/cve/CVE-2021-3602 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •