CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9516 – kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c
https://notcve.org/view.php?id=CVE-2018-9516
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580. En hid_debug_events_read de drivers/hid/hid-debug.c, hay una posible escritura fuera de límites debido a la falta de una comprobación de límites. • https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html https://source.android.com/security/bulletin/pixel/2018-09-01 https://usn.ubuntu.com/3871-1 https://usn.ubuntu.com/3871-3 https://usn.ubuntu.com/3871-4 https://usn.ubuntu.com/3871-5 https://www.debian.org/security/2018/dsa-4308 https://access.redhat.com/security/cve/CVE-2018-9516 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 15EXPL: 0CVE-2018-9363 – kernel: Buffer overflow in hidp_process_report
https://notcve.org/view.php?id=CVE-2018-9363
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel. Hay un desbordamiento de enteros en hidp_process_report en bluetooth. • https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html https://source.android.com/security/bulletin/2018-06-01 https://usn.ubuntu.com/3797-1 https://usn.ubuntu.com/3797-2 https://usn.ubuntu.com/3820-1 https://usn.ubuntu.com/3820-2 https://usn.ubuntu.com/3820-3 https://usn.ubuntu.com/3822-1 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 2CVE-2018-17581 – exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
https://notcve.org/view.php?id=CVE-2018-17581
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. CiffDirectory::readDirectory() en crwimage_int.cpp en Exiv2 0.26 tiene un consumo excesivo de pila debido a una función recursiva, lo que conduce a una denegación de servicio (DoS). • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/460 https://github.com/SegfaultMasters/covering360/blob/master/Exiv2 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/3852-1 https://access.redhat.com/security/cve/CVE-2018-17581 https://bugzilla.redhat.com/show_bug.cgi?id=1635045 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2CVE-2018-14634 – Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-14634
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. Se ha encontrado un error de desbordamiento de enteros en la función create_elf_tables() del kernel de Linux. Un usuario local sin privilegios con acceso al binario SUID (o a otro privilegiado) podría emplear este error para escalar sus privilegios en el sistema. • https://www.exploit-db.com/exploits/45516 http://www.openwall.com/lists/oss-security/2021/07/20/2 http://www.securityfocus.com/bid/105407 https://access.redhat.com/errata/RHSA-2018:2748 https://access.redhat.com/errata/RHSA-2018:2763 https://access.redhat.com/errata/RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2933 https://access.redhat.com/errata/RHSA- • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2018-16151
https://notcve.org/view.php?id=CVE-2018-16151
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. En verify_emsa_pkcs1_signature() en gmp_rsa_public_key.c en el plugin gmp en strongSwan en versiones 4.x y 5.x anteriores a la 5.7.0, la implementación RSA basada en GMP no rechaza los datos sobrantes tras el algoritmo OID cifrado durante la verificación de firmas PKCS#1 v1.5. De forma similar al error en la misma versión de strongSwan relacionado con digestAlgorithm.parameters, un atacante remoto puede falsificar firmas cuando se emplean pequeños exponentes públicos, lo que podría conducir a una suplantación cuando solo se emplea una firma RSA para la autenticación IKEv2. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00047.html https://lists.debian.org/debian-lts-announce/2018/09/msg00032.html https://security.gentoo.org/glsa/201811-16 https://usn.ubuntu.com/3771-1 https://www.debian.org/security/2018/dsa-4305 https://www.strongswan.org/blog/2018/09/24/strongswan-vulnerability-%28cve-20 • CWE-347: Improper Verification of Cryptographic Signature •