CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2022-38178 – Memory leaks in EdDSA DNSSEC verification code
https://notcve.org/view.php?id=CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. Al falsificar el resolver objetivo con respuestas que presentan una firma EdDSA malformada, un atacante puede desencadenar una pequeña pérdida de memoria. Es posible erosionar gradualmente la memoria disponible hasta el punto de que named sea bloqueado por falta de recursos A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program. • http://www.openwall.com/lists/oss-security/2022/09/21/3 https://kb.isc.org/docs/cve-2022-38178 https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2022-38177 – Memory leak in ECDSA DNSSEC verification code
https://notcve.org/view.php?id=CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. Al falsificar el resolver objetivo con respuestas que presentan una firma ECDSA malformada, un atacante puede desencadenar una pequeña pérdida de memoria. Es posible erosionar gradualmente la memoria disponible hasta el punto de que named sea bloqueado por falta de recursos A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program. • http://www.openwall.com/lists/oss-security/2022/09/21/3 https://kb.isc.org/docs/cve-2022-38177 https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 35EXPL: 0CVE-2022-2795 – Processing large delegations may severely degrade resolver performance
https://notcve.org/view.php?id=CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. Al inundar el resolvedor de destino con consultas que explotan este fallo, un atacante puede perjudicar significativamente el rendimiento del resolvedor, negando efectivamente a los clientes legítimos el acceso al servicio de resolución DNS A flaw was found in bind. When flooding the target resolver with special queries, an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. • http://www.openwall.com/lists/oss-security/2022/09/21/3 https://kb.isc.org/docs/cve-2022-2795 https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5S • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2022-41218 – kernel: Report vmalloc UAF in dvb-core/dmxdev
https://notcve.org/view.php?id=CVE-2022-41218
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. En el archivo drivers/media/dvb-core/dmxdev.c en el kernel de Linux versiones hasta 5.19.10, se presenta un uso de memoria previamente liberada causado por refcount races, que afecta a dvb_demux_open y dvb_dmxdev_release A use-after-free flaw was found in the Linux kernel’s dvb-core subsystem (DVB API used by Digital TV devices) in how a user physically removed a USB device (such as a DVB demultiplexer device) while running malicious code. This flaw allows a local user to crash or potentially escalate their privileges on the system. • https://github.com/Tobey123/CVE-2022-41218 http://www.openwall.com/lists/oss-security/2022/09/23/4 http://www.openwall.com/lists/oss-security/2022/09/24/1 http://www.openwall.com/lists/oss-security/2022/09/24/2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fd3d91ab1c6ab0628fe642dd570b56302c30a792 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/media/dvb-core/dmxdev.c https://lists.debian.org/debian-lts-ann • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 1CVE-2022-41222 – kernel: mm/mremap.c use-after-free vulnerability
https://notcve.org/view.php?id=CVE-2022-41222
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. El archivo mm/mremap.c en el kernel de Linux versiones anteriores a 5.13.3, presenta un uso de memoria previamente liberada por medio de un TLB obsoleto porque un bloqueo rmap no es mantenido durante un movimiento PUD A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system. Linux stable versions 5.4 and 5.10 suffers from a page use-after-free via stale TLB caused by an rmap lock not held during PUD move. • http://packetstormsecurity.com/files/168466/Linux-Stable-5.4-5.10-Use-After-Free-Race-Condition.html http://packetstormsecurity.com/files/171005/Kernel-Live-Patch-Security-Notice-LNS-0091-1.html https://bugs.chromium.org/p/project-zero/issues/detail?id=2347 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2 https://lists.debian.org/debian-lts-announce/2022/11/msg00001 • CWE-416: Use After Free •