CVE-2021-43997
https://notcve.org/view.php?id=CVE-2021-43997
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code from achieving further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3. • https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2 https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3 https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6 https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0
CVE-2021-41150 – Improper sanitization of delegated role names in tough
https://notcve.org/view.php?id=CVE-2021-41150
Tough provides a set of Rust libraries and tools for using and generating The Update Framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. A fix is available in version 0.12.0. No workarounds for this issue are known. • https://github.com/awslabs/tough/commit/1809b9bd1106d78a51fbea3071aa97a3530bac9a https://github.com/awslabs/tough/security/advisories/GHSA-r56q-vv3c-6g9c https://github.com/theupdateframework/python-tuf/security/advisories/GHSA-wjw6-2cqr-j4qr • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-41149 – Improper sanitization of target names in tough
https://notcve.org/view.php?id=CVE-2021-41149
Tough provides a set of Rust libraries and tools for using and generating The Update Framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds for this issue are known. • https://github.com/awslabs/tough/commit/1809b9bd1106d78a51fbea3071aa97a3530bac9a https://github.com/awslabs/tough/security/advisories/GHSA-x3r5-q6mj-m485 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-38112
https://notcve.org/view.php?id=CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9. • https://docs.aws.amazon.com/workspaces/latest/userguide/amazon-workspaces-windows-client.html#windows-release-notes https://rhinosecuritylabs.com/aws/cve-2021-38112-aws-workspaces-rce • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2021-30355
https://notcve.org/view.php?id=CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root. • https://research.checkpoint.com/2021/i-can-take-over-your-kindle • CWE-269: Improper Privilege Management