CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1CVE-2020-12771 – Ubuntu Security Notice USN-4463-1
https://notcve.org/view.php?id=CVE-2020-12771
09 May 2020 — An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función btree_gc_coalesce en el archivo drivers/md/bcache/btree.c, presenta un punto muerto si se produce un fallo de la operación de coalescencia. Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 2CVE-2020-12762 – libfastjson: integer overflow and out-of-bounds write via a large JSON file
https://notcve.org/view.php?id=CVE-2020-12762
09 May 2020 — json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. json-c versiones hasta 0.14, presenta un desbordamiento de enteros y una escritura fuera de límites por medio de un archivo JSON grande, como es demostrado por la función printbuf_memappend. A flaw was found in json-c. In printbuf_memappend, certain crafted values can overflow the memory allowing an attacker to write past the memory boundary. The highest threat from this vulnerab... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0CVE-2020-10690 – kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open
https://notcve.org/view.php?id=CVE-2020-10690
08 May 2020 — There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointe... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-12656 – Ubuntu Security Notice USN-4485-1
https://notcve.org/view.php?id=CVE-2020-12656
05 May 2020 — gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they li... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 4%CPEs: 67EXPL: 1CVE-2020-12243 – openldap: denial of service via nested boolean expressions in LDAP search filters
https://notcve.org/view.php?id=CVE-2020-12243
28 Apr 2020 — In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). En el archivo filter.c en slapd en OpenLDAP versiones anteriores a 2.4.50, los filtros de búsqueda de LDAP con expresiones booleanas anidadas pueden resultar en una denegación de servicio (bloqueo del demonio). Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based ... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00016.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 9.8EPSS: 1%CPEs: 20EXPL: 1CVE-2019-20788 – libvncserver: integer overflow and heap-based buffer overflow in libvncclient/cursor.c in HandleCursorShape function
https://notcve.org/view.php?id=CVE-2019-20788
23 Apr 2020 — libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690. En la biblioteca libvncclient/cursor.c en LibVNCServer versiones hasta 0.9.12, tiene un desbordamiento de enteros en la función HandleCursorShape y un desbordamiento de búfer en la región heap de la memoria por medio de un valor de alto o ancho grande. A flaw was found in libvncserver in versions through 0.9.12.... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2020-0067 – Ubuntu Security Notice USN-4390-1
https://notcve.org/view.php?id=CVE-2020-0067
17 Apr 2020 — In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147. • http://android.googlesource.com/kernel/common/+/688078e7 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-7306 – Byobu apport hook uploads user's ~/.screenrc
https://notcve.org/view.php?id=CVE-2019-7306
17 Apr 2020 — Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. This issue affects: byobu El hook Byobu Apport puede divulgar información confidencial ya que carga de forma automática la extensión .screenrc de un usuario local que puede contener los nombres de host privados, nombres de usuario y contraseñas. Este problema afecta a: byobu Sander Bos discovered that Byobu incorrectly handled certain Ap... • https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-11565 – kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c
https://notcve.org/view.php?id=CVE-2020-11565
06 Apr 2020 — An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.” ** EN DISPUTA ** Se detectó un problema en... • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2020-11494 – Debian Security Advisory 4698-1
https://notcve.org/view.php?id=CVE-2020-11494
02 Apr 2020 — An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4. Se detectó un problema en la función slc_bump en el archivo drivers/net/can/slcan.c en el kernel de Linux versión 3.16 hasta la versión 5.6.2. Permite a atacantes leer datos de can_frame no inicializados, con... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html • CWE-908: Use of Uninitialized Resource CWE-909: Missing Initialization of Resource •