Page 141 of 4121 results (0.019 seconds)

CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-20254 – samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token

https://notcve.org/view.php?id=CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1949442 https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EP2VJ73OVBPVSOSTVOMGIEQA3MWF6F7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZAF6L2M6CNAJ2YYYGXPWETTW5YLCWTVT https://security.gentoo.org/glsa/202105-22 https://security.netapp.com/advisory/ntap-20210430-0001 https://www.samba.org/samba/security/CVE-2021-20254 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-31870

https://notcve.org/view.php?id=CVE-2021-31870

An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow. Se detectó un problema en klibc versiones anteriores a 2.0.9. Una multiplicación en la función calloc() puede resultar en un desbordamiento de enteros y un posterior desbordamiento del búfer de la pila. • http://www.openwall.com/lists/oss-security/2021/04/30/1 https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2 https://kernel.org/pub/linux/libs/klibc/2.0 https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html https://lists.zytor.com/archives/klibc/2021-April/004593.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-31872

https://notcve.org/view.php?id=CVE-2021-31872

An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact. Se detectó un problema en klibc versiones anteriores a 2.0.9. Múltiples desbordamientos de enteros posibles en el comando cpio en sistemas de 32 bits pueden resultar en un desbordamiento del búfer u otro impacto en la seguridad. • http://www.openwall.com/lists/oss-security/2021/04/30/1 https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff https://kernel.org/pub/linux/libs/klibc/2.0 https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html https://lists.zytor.com/archives/klibc/2021-April/004593.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-31871

https://notcve.org/view.php?id=CVE-2021-31871

An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems. Se detectó un problema en klibc versiones anteriores a 2.0.9. Un desbordamiento de enteros en el comando cpio puede resultar en una desreferencia del puntero NULL en sistemas de 64 bits. • http://www.openwall.com/lists/oss-security/2021/04/30/1 https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5 https://kernel.org/pub/linux/libs/klibc/2.0 https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html https://lists.zytor.com/archives/klibc/2021-April/004593.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-31873

https://notcve.org/view.php?id=CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow. Se detectó un problema en klibc versiones anteriores a 2.0.9. Las adiciones en la función malloc() pueden resultar en un desbordamiento de enteros y un posterior desbordamiento del búfer de la pila. • http://www.openwall.com/lists/oss-security/2021/04/30/1 https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202 https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202 https://kernel.org/pub/linux/libs/klibc/2.0 https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html https://lists.zytor.com/archives/klibc/2021-April/004593.html • CWE-190: Integer Overflow or Wraparound •