CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0552 – origin-aggregated-logging/elasticsearch: Incomplete fix for netty-codec-http CVE-2021-21409
https://notcve.org/view.php?id=CVE-2022-0552
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11. Se ha encontrado un fallo en la corrección original de netty-codec-http CVE-2021-21409, donde el contenedor OpenShift Logging openshift-logging/elasticsearch6-rhel8 estaba incompleto. El paquete maven vulnerable netty-codec-http no fue eliminado del contenido de la imagen. • https://access.redhat.com/security/cve/CVE-2021-21409 https://bugzilla.redhat.com/show_bug.cgi?id=2052539 https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d https://access.redhat.com/security/cve/CVE-2022-0552 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 89%CPEs: 5EXPL: 1CVE-2021-3654 – openstack-nova: novnc allows open redirection
https://notcve.org/view.php?id=CVE-2021-3654
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. Se ha encontrado una vulnerabilidad en el proxy de consola de openstack-nova, noVNC. Mediante el diseño de una URL maliciosa, noVNC puede ser redirigido a cualquier URL deseada A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL. • https://bugs.launchpad.net/nova/+bug/1927677 https://bugs.python.org/issue32084 https://bugzilla.redhat.com/show_bug.cgi?id=1961439 https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66 https://opendev.org/openstack/nova/commit/8906552cfc2525a44251d4cf313ece61e57251eb https://security.gentoo.org/glsa/202305-02 https://security.openstack.org/ossa/OSSA-2021-002.html https://www.openwall.com/lists/oss-security/2021/07/29/2 https://access.redhat.com/security/cve/CVE-2021- • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0135
https://notcve.org/view.php?id=CVE-2022-0135
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. Se ha encontrado un problema de escritura fuera de límites en el renderizador virtual OpenGL de VirGL (virglrenderer). Este defecto permite a un invitado malicioso crear un recurso virgil especialmente diseñado y luego emitir un ioctl VIRTGPU_EXECBUFFER, conllevando a una denegación de servicio o a una posible ejecución de código. • https://bugzilla.redhat.com/show_bug.cgi?id=2037790 https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html https://security.gentoo.org/glsa/202210-05 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0175
https://notcve.org/view.php?id=CVE-2022-0175
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure. Se encontró un fallo en VirGL virtual OpenGL renderer (virglrenderer). El virgl no inicializaba apropiadamente la memoria cuando asignaba un recurso de memoria respaldado por el host. • https://access.redhat.com/security/cve/CVE-2022-0175 https://bugzilla.redhat.com/show_bug.cgi?id=2039003 https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654 https://security-tracker.debian.org/tracker/CVE-2022-0175 https://security.gentoo.org/glsa/202210-05 • CWE-909: Missing Initialization of Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0358 – QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405
https://notcve.org/view.php?id=CVE-2022-0358
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system. • https://access.redhat.com/security/cve/CVE-2022-0358 https://bugzilla.redhat.com/show_bug.cgi?id=2044863 https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca https://security.netapp.com/advisory/ntap-20221007-0008 • CWE-273: Improper Check for Dropped Privileges •