CVE-2022-27239
https://notcve.org/view.php?id=CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba https://bugzilla.samba.org/show_bug.cgi?id=15025 https://bugzilla.suse.com/show_bug.cgi?id=1197216 https://github.com/piastry/cifs-utils/pull/7 https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY https://lists& • CWE-787: Out-of-bounds Write •
CVE-2022-21947 – rancher desktop: Dashboard API is network accessible
https://notcve.org/view.php?id=CVE-2022-21947
A Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V. Una vulnerabilidad de control de acceso inapropiado en Rancher Desktop de SUSE permite a atacantes de la red local conectarse a la API de Dashboard (steve) para llevar a cabo acciones arbitrarias. Este problema afecta a: SUSE Rancher Desktop versiones anteriores a V • https://bugzilla.suse.com/show_bug.cgi?id=1197491 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2021-46705 – grub2-once uses fixed file name in /var/tmp
https://notcve.org/view.php?id=CVE-2021-46705
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15 SP4, openSUSE Factory allows local attackers to truncate arbitrary files. This issue affects: SUSE Linux Enterprise Server 15 SP4 grub2 versions prior to 2.06-150400.7.1. SUSE openSUSE Factory grub2 versions prior to 2.06-18.1. Una vulnerabilidad de Archivos Temporales no Seguros en grub-once de grub2 en SUSE Linux Enterprise Server 15 SP4, openSUSE Factory permite a atacantes locales truncar archivos arbitrarios. Este problema afecta a: SUSE Linux Enterprise Server 15 SP4 grub2 versiones anteriores a 2.06-150400.7.1. • https://bugzilla.suse.com/show_bug.cgi?id=1190474 • CWE-377: Insecure Temporary File •
CVE-2021-4028 – kernel: use-after-free in RDMA listen()
https://notcve.org/view.php?id=CVE-2021-4028
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system. Un fallo en la implementación del kernel de Linux del código de escucha del administrador de comunicaciones RDMA permitía a un atacante con acceso local configurar un socket para que escuchara en un puerto alto, lo que permitía un uso de memoria previamente liberada de un elemento de la lista. Dada la capacidad de ejecutar código, un atacante local podría aprovechar este uso de memoria previamente liberada para bloquear el sistema o posiblemente escalar privilegios en el sistema. A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. • https://access.redhat.com/security/cve/CVE-2021-4028 https://bugzilla.redhat.com/show_bug.cgi?id=2027201 https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74 https://lkml.org/lkml/2021/10/4/697 https://security.netapp.com/advisory/ntap-20221228-0002 • CWE-416: Use After Free •
CVE-2021-45082
https://notcve.org/view.php?id=CVE-2021-45082
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) Se ha detectado un problema en Cobbler versiones hasta 3.3.0. En el archivo templar.py, la función check_for_invalid_imports puede permitir que el código Cheetah importe módulos de Python por medio de la subcadena "#from MODULE import". • https://bugzilla.suse.com/show_bug.cgi?id=1193678 https://github.com/cobbler/cobbler/releases https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •