CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 2CVE-2021-33624
https://notcve.org/view.php?id=CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. En el archivo kernel/bpf/verifier.c en el kernel de Linux versiones anteriores a 5.12.13, una rama puede ser mal predicha (por ejemplo, debido a la confusión de tipos) y, en consecuencia, un programa BPF no privilegiado puede leer ubicaciones de memoria arbitrarias por medio de un ataque de canal lateral, también conocido como CID-9183671af6db • https://github.com/benschlueter/CVE-2021-33624 http://www.openwall.com/lists/oss-security/2021/06/21/1 https://github.com/torvalds/linux/commit/9183671af6dbf60a1219371d4ed73e23f43b49db https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://www.usenix.org/conference/usenixsecurity21/presentation/kirzner • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0561 – flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c
https://notcve.org/view.php?id=CVE-2021-0561
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 En la función append_to_verify_fifo_interleaved_ del archivo stream_encoder.c, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de información local sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • https://lists.debian.org/debian-lts-announce/2022/03/msg00022.html https://lists.debian.org/debian-lts-announce/2022/09/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWXBVMPPSL377I7YM55ZYXVKVMYOKES2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q4Y7BW35TGNFYBYBSBDSGLUJHHTYEUSG https://source.android.com/security/bulletin/pixel/2021-06-01 https://access.redhat.com/security/cve/CVE-2021-0561 https://bugzilla.red • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 1CVE-2020-18442 – zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file()
https://notcve.org/view.php?id=CVE-2020-18442
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". Un bucle infinito en zziplib versión v0.13.69, permite a atacantes remotos causar una denegación de servicio por medio del valor de retorno "zzip_file_read" en la función "unzzip_cat_file" • https://github.com/gdraheim/zziplib/issues/68 https://lists.debian.org/debian-lts-announce/2021/12/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCFYD46OY4VAGJ4UX7IFOH5SHD4UW4ZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VVANTEBDQGOIPC5KCEVAGA5KT4KKTGWB https://access.redhat.com/security/cve/CVE-2020-18442 https://bugzilla.redhat.com/show_bug.cgi?id=1973826 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2021-3580 – nettle: Remote crash in RSA decryption via manipulated ciphertext
https://notcve.org/view.php?id=CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service. Se ha encontrado un fallo en la manera en que las funciones de descifrado RSA de Nettle manejan el texto cifrado especialmente diseñado. Un atacante podría usar este fallo para proporcionar un texto cifrado manipulado, conllevando al bloqueo de la aplicación y la denegación de servicio A flaw was found in nettle in the way its RSA decryption functions handle specially crafted ciphertext. This flaw allows an attacker to provide a manipulated ciphertext, leading to an application crash and a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=1967983 https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html https://security.gentoo.org/glsa/202401-24 https://security.netapp.com/advisory/ntap-20211104-0006 https://access.redhat.com/security/cve/CVE-2021-3580 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-33813 – jdom: XXE allows attackers to cause a DoS via a crafted HTTP request
https://notcve.org/view.php?id=CVE-2021-33813
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Un problema de tipo XXE en SAXBuilder en JDOM versiones hasta 2.0.6, permite a atacantes causar una denegación de servicio por medio de una petición HTTP diseñada • https://alephsecurity.com/vulns/aleph-2021003 https://github.com/hunterhacker/jdom/pull/188 https://github.com/hunterhacker/jdom/releases https://lists.apache.org/thread.html/r21c406c7ed88fe340db7dbae75e58355159e6c324037c7d5547bf40b%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r5674106135bb1a6ef57483f4c63a9c44bca85d0e2a8a05895a8f1d89%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r6db397ae7281ead825338200d1f62d2827585a70797cc9ac0c4bd23f%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r845 • CWE-611: Improper Restriction of XML External Entity Reference •