CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42010 – dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets
https://notcve.org/view.php?id=CVE-2022-42010
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados cuando reciben un mensaje con determinadas firmas de tipo no válido A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message with specific invalid type signatures. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/418 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42011 – dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type
https://notcve.org/view.php?id=CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados cuando reciben un mensaje en el que la longitud de un array es inconsistente con el tamaño del tipo de elemento A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash when receiving a message whose array length is inconsistent with the size of the element type. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/413 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-129: Improper Validation of Array Index CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-42012 – dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with "foreign" endianness correctly
https://notcve.org/view.php?id=CVE-2022-42012
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. Se ha detectado un problema en D-Bus versiones anteriores a 1.12.24, versiones 1.13.x y 1.14.x anteriores a 1.14.4, y versiones 1.15.x anteriores a 1.15.2. Un atacante autenticado puede causar que dbus-daemon y otros programas que usan libdbus sean bloqueados al enviar un mensaje con descriptores de archivo adjuntos en un formato no esperado A vulnerability found in D-bus. This flaw allows an authenticated attacker to cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. • https://gitlab.freedesktop.org/dbus/dbus/-/issues/417 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4CO7N226I3X5FNBR2MACCH6TS764VJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ND74SKN56BCYL3QLEAAB6E64UUBRA5UG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQCSLMCK2XGX23R2DKW2MSAICQAK6MT2 https://security.gentoo.org/glsa/202305-08 https://www.openwall.com/lists/oss-security/2022/10/06/1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3435 – Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-bounds
https://notcve.org/view.php?id=CVE-2022-3435
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. • https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern%40kernel.org/T/#u https://vuldb.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 34EXPL: 0CVE-2022-2928 – An option refcount overflow exists in dhcpd
https://notcve.org/view.php?id=CVE-2022-2928
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort. En ISC DHCP versiones 4.4.0 anteriores a 4.4.3, ISC DHCP versiones 4.1-ESV-R1 anteriores a 4.1-ESV-R16-P1, cuando la función option_code_hash_lookup() es llamada desde add_option(), incrementa el campo refcount de la opción. • https://kb.isc.org/docs/cve-2022-2928 https://lists.debian.org/debian-lts-announce/2022/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2SARIK7KZ7MGQIWDRWZFAOSQSPXY4GOU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQXYCIWUDILRCNBAIMVFCSGXBRKEPB4K https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6IBFH4MRRNJQVWEKILQ6I6CXWW766FX https://security.gentoo.org/glsa/202305-22 https:/&#x • CWE-190: Integer Overflow or Wraparound CWE-476: NULL Pointer Dereference •