
CVSS: 7.1 EPSS: 0% CPEs: 12 EXPL: 1

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://bugzilla.kernel.org/show_bug.cgi?id=206361 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200924-0004 https://usn.ubuntu.com/4342-1 https://usn.ubuntu.com/4344-1 https://usn.ubuntu.com/4345-1 • CWE-416: Use After Free •

CVSS: 7.5 EPSS: 0% CPEs: 7 EXPL: 0

A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. • https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062 https://security.gentoo.org/glsa/202003-46 https://usn.ubuntu.com/4280-1 https://usn.ubuntu.com/4280-2 • CWE-125: Out-of-bounds Read •

CVSS: 8.1 EPSS: 0% CPEs: 3 EXPL: 0

In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. A flaw was found in cloud-init, where it uses short passwords when generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the victim user. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795 https://github.com/canonical/cloud-init/pull/189 https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html https://access.redhat.com/security/cve/CVE-2020-8632 https://bugzilla.redhat.com/show_bug.cgi?id=1798728 • CWE-330: Use of Insufficiently Random Values • CWE-521: Weak Password Requirements •

CVSS: 8.1 EPSS: 0% CPEs: 3 EXPL: 0

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. A flaw was found in cloud-init, where it uses the random.choice function when creating sensitive random strings used for generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the victim user. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795 https://github.com/canonical/cloud-init/pull/204 https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html https://access.redhat.com/security/cve/CVE-2020-8631 https://bugzilla.redhat.com/show_bug.cgi?id=1798731 • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.5 EPSS: 0% CPEs: 9 EXPL: 0

An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes. A flaw was found in squid. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html http://www.squid-cache.org/Advisories/SQUID-2020_2.txt https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6W2IQ7QV2OGREFFUBNVZIDD3RJBDE4R https://lists.fedoraproject.org/archives/li • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •