CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-33034 – kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
https://notcve.org/view.php?id=CVE-2021-33034
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. En el kernel de Linux versiones anteriores a 5.12.4, el archivo net/bluetooth/hci_event.c, presenta un uso de la memoria previamente liberada cuando se destruye un hci_chan, también se conoce como CID-5c4c8c954409. Esto conlleva a escribir un valor arbitrario A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface (HCI) in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c4c8c9544099bb9043a10a5318130a943e32fc3 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GI7Z7UBWBGD3ABNIL2DC7RQDCGA4UVQW https://sites.google.com/view/syzscope/kasan-use-after-free-read- • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2021-32921
https://notcve.org/view.php?id=CVE-2021-32921
An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker. Se detectó un problema en Prosody versiones anteriores a 0.11.9. No utiliza un algoritmo de tiempo constante para comparar determinadas cadenas secretas cuando se ejecuta bajo Lua versiones 5.2 o posteriores. • http://www.openwall.com/lists/oss-security/2021/05/13/1 http://www.openwall.com/lists/oss-security/2021/05/14/2 https://blog.prosody.im/prosody-0.11.9-released https://lists.debian.org/debian-lts-announce/2021/06/msg00016.html https://lists.debian.org/debian-lts-announce/2021/06/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MFFBZWXKPZEVZNQSVJNCUE7WRF3T7DG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-32917
https://notcve.org/view.php?id=CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth. Se detectó un problema en Prosody versiones anteriores a 0.11.9. El componente proxy65 permite un acceso abierto por defecto, incluso si ninguno de los usuarios tiene una cuenta XMPP en el servidor local, permitiendo el uso sin restricciones del ancho de banda del servidor • http://www.openwall.com/lists/oss-security/2021/05/13/1 http://www.openwall.com/lists/oss-security/2021/05/14/2 https://blog.prosody.im/prosody-0.11.9-released https://lists.debian.org/debian-lts-announce/2021/06/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MFFBZWXKPZEVZNQSVJNCUE7WRF3T7DG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GUN63AHEWB2WRROJHU3BVJRWLONCT2B7 https://lists.fedoraproject.org& • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-25713 – raptor2: malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common
https://notcve.org/view.php?id=CVE-2020-25713
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. Un archivo de entrada malformado puede conllevar a un error de segmentación debido a un acceso a la matriz fuera de límites en la función raptor_xml_writer_start_element_common • http://www.openwall.com/lists/oss-security/2020/11/16/1 https://bugs.librdf.org/mantis/view.php?id=650 https://bugzilla.redhat.com/show_bug.cgi?id=1900685 https://lists.debian.org/debian-lts-announce/2021/12/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27EQ2JCVMKG3EYTBYO4642P773I2NYUV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUIND56AOKEHHBE4OYV57M73LLOLJRLV https://access.redhat.com/security/cve& • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •