CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 https://github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/cve/CVE-2022-36879 https://bugzilla.r • CWE-911: Improper Update of Reference Count •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 1CVE-2022-36946 – kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
https://notcve.org/view.php?id=CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. La función nfqnl_mangle en el archivo net/netfilter/nfnetlink_queue.c en el kernel de Linux versiones hasta 5.18.14, permite a atacantes remotos causar una denegación de servicio (pánico) porque, en el caso de un veredicto nf_queue con un atributo nfta_payload de un byte, un skb_pull puede encontrar un skb-)len negativo A memory corruption flaw was found in the Linux kernel’s Netfilter subsystem in the way a local user uses the libnetfilter_queue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilter_queue is used by a local user. • https://github.com/Pwnzer0tt1/CVE-2022-36946 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://marc.info/?l=netfilter-devel&m=165883202007292&w=2 https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/ •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 2CVE-2020-7677 – Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2020-7677
This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization. Esto afecta al paquete thenify antes de la versión 3.3.1. El argumento del nombre proporcionado al paquete puede ser controlado por los usuarios sin ningún tipo de sanitización, y este es proporcionado a la función eval sin ninguna sanitización • https://github.com/thenables/thenify/blob/master/index.js%23L17 https://github.com/thenables/thenify/commit/0d94a24eb933bc835d568f3009f4d269c4c4c17a https://lists.debian.org/debian-lts-announce/2022/09/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-572317 https://secu •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26307 – Weak Master Keys
https://notcve.org/view.php?id=CVE-2022-26307
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3. LibreOffice admite el almacenamiento de contraseñas para conexiones web en la base de datos de configuración del usuario. • http://www.openwall.com/lists/oss-security/2022/08/13/2 https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307 https://access.redhat.com/security/cve/CVE-2022-26307 https://bugzilla.redhat.com/show_bug.cgi?id=2118610 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-26306 – Execution of Untrusted Macros Due to Improper Certificate Validation
https://notcve.org/view.php?id=CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. LibreOffice admite el almacenamiento de contraseñas para las conexiones web en la base de datos de configuración del usuario. • http://www.openwall.com/lists/oss-security/2022/08/13/1 https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 https://access.redhat.com/security/cve/CVE-2022-26306 https://bugzilla.redhat.com/show_bug.cgi?id=2118613 • CWE-326: Inadequate Encryption Strength CWE-330: Use of Insufficiently Random Values •