CVSS: 9.8EPSS: 1%CPEs: 17EXPL: 1CVE-2022-29155
https://notcve.org/view.php?id=CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping. En OpenLDAP versiones 2.x anteriores a 2.5.12 y versiones 2.6.x anteriores a 2.6.2, se presenta una vulnerabilidad de inyección SQL en el backend experimental back-sql de slapd, por medio de una sentencia SQL dentro de una consulta LDAP. Esto puede ocurrir durante una operación de búsqueda LDAP cuando es procesado el filtro de búsqueda, debido a una falta de escapes apropiados • https://bugs.openldap.org/show_bug.cgi?id=9815 https://lists.debian.org/debian-lts-announce/2022/05/msg00032.html https://security.netapp.com/advisory/ntap-20220609-0007 https://www.debian.org/security/2022/dsa-5140 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 2CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbordamientos de enteros. • http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 https://gitlab.gnome.org/GNOME/libxslt/-/tags https://lists.debian.org/debian-lts-announce/2022/05/msg0 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2022-29968
https://notcve.org/view.php?id=CVE-2022-29968
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. Se ha detectado un problema en el kernel de Linux versiones hasta 5.17.5. La función io_rw_init_file en el archivo fs/io_uring.c carece de la inicialización de kiocb-)private • https://github.com/jprx/CVE-2022-29968 https://github.com/torvalds/linux/commit/32452a3eb8b64e01e2be717f518c0be046975b9d https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU7MT7BPTA2NG24BTLZF5ZWYTLSO7BU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TLWTG3TWIMLNQEVTA3ZQYVLLU2AJM3DY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XA7UZ3HS73KXVYCIKN5ZDH7LLLGPUMOZ https://security.netapp.com/advisory/ntap-20220715-0009 • CWE-909: Missing Initialization of Resource •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2022-1353 – kernel: kernel info leak issue in pfkey_register
https://notcve.org/view.php?id=CVE-2022-1353
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. Se encontró una vulnerabilidad en la función pfkey_register en el archivo net/key/af_key.c en el kernel de Linux. Este fallo permite a un usuario local no privilegiado acceder a la memoria del kernel, conllevando a un bloqueo del sistema o un filtrado de información interna del kernel • https://bugzilla.redhat.com/show_bug.cgi?id=2066819 https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220629-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-1353 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2022-1048 – kernel: race condition in snd_pcm_hw_free leading to use-after-free
https://notcve.org/view.php?id=CVE-2022-1048
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema de sonido del kernel de Linux en la forma en que un usuario desencadena las llamadas concurrentes de PCM hw_params. La ioctls hw_free o una condición de carrera similar ocurre dentro de ALSA PCM para otras ioctls. • https://bugzilla.redhat.com/show_bug.cgi?id=2066706 https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3 https://security.netapp.com/advisory/ntap-20220629-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-1048 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •