CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14376
https://notcve.org/view.php?id=CVE-2020-14376
30 Sep 2020 — A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en dpdk en versiones anteriores a 18.11.10 y anteriores a 19.11.5. Una falta de comprobación de límites cuando se copia iv_data desde la memoria del invitado de la VM haci... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14375
https://notcve.org/view.php?id=CVE-2020-14375
30 Sep 2020 — A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en dpdk en versiones anteriores a 18.11.10 y anteriores a 19.11.5. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-26137 – python-urllib3: CRLF injection via HTTP request method
https://notcve.org/view.php?id=CVE-2020-26137
29 Sep 2020 — urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. urllib3 versiones anteriores a 1.25.9, permite una inyección de CRLF si el atacante controla el método de petición HTTP, como es demostrado al insertar caracteres de control CR y LF en el primer argumento de la función putrequest(). NOTA: esto es similar a CVE-2020-26116 A f... • https://bugs.python.org/issue39603 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14374 – Ubuntu Security Notice USN-4550-1
https://notcve.org/view.php?id=CVE-2020-14374
28 Sep 2020 — A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en dpdk en versiones anteriores a 18.11.10 y anteriores a 19.11.5. Una comprobación de límites fallida en... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14378 – Ubuntu Security Notice USN-4550-1
https://notcve.org/view.php?id=CVE-2020-14378
28 Sep 2020 — An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period. Un subdesbordamiento de enteros en dpdk versiones anteriores a 18.11.10 y anteriore... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16121 – PackageKit error messages leak presence and mimetype of files to unprivileged users
https://notcve.org/view.php?id=CVE-2020-16121
24 Sep 2020 — PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. PackageKit proporcionó mensajes de error detallados a llamadores no privilegiados que exponían información sobre la presencia de archivos y mimetype de archivos que el usuario no podría ser capaz de determinar por sí solo Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker coul... • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-16122 – Packagekit's apt backend lets user install untrusted local packages
https://notcve.org/view.php?id=CVE-2020-16122
24 Sep 2020 — PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages. El backend apt de PackageKit trató erróneamente a todas las debs locales como confiables. El modelo de seguridad de apt se basa en la confianza del repositorio y no en el contenido de archivos individuales. • https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098 • CWE-269: Improper Privilege Management CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14382 – cryptsetup: Out-of-bounds write when validating segments
https://notcve.org/view.php?id=CVE-2020-14382
16 Sep 2020 — A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backu... • https://bugzilla.redhat.com/show_bug.cgi?id=1874712 • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 0CVE-2020-14385 – kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt
https://notcve.org/view.php?id=CVE-2020-14385
15 Sep 2020 — A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en el kernel de Linux versiones anteriores a 5.9-rc4. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-8927 – Buffer overflow in Brotli library
https://notcve.org/view.php?id=CVE-2020-8927
15 Sep 2020 — A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. Se presenta un desbordamiento del búfer en la biblioteca Brotli ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-130: Improper Handling of Length Parameter Inconsistency •