CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 1CVE-2021-3622 – hivex: stack overflow due to recursive call of _get_children()
https://notcve.org/view.php?id=CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en hivex library. Este fallo permite a un atacante introducir un archivo del Registro de Windows (hive) especialmente diseñado, lo que causaría que hivex llamara recursivamente a la función _get_children(), conllevando a un desbordamiento de pila. • https://bugzilla.redhat.com/show_bug.cgi?id=1975489 https://github.com/libguestfs/hivex/commit/771728218dac2fbf6997a7e53225e75a4c6b7255 https://listman.redhat.com/archives/libguestfs/2021-August/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S35TVTAPHORSUIFYNFBHKLQRPVFUPXBE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU https://access.redhat.com/security/cve/CVE-2021-3622 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 1CVE-2021-3690 – undertow: buffer leak on incoming websocket PONG message may lead to DoS
https://notcve.org/view.php?id=CVE-2021-3690
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. Se ha encontrado un fallo en Undertow. • https://access.redhat.com/security/cve/CVE-2021-3690 https://bugzilla.redhat.com/show_bug.cgi?id=1991299 https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877 https://issues.redhat.com/browse/UNDERTOW-1935 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2021-3621 – sssd: shell command injection in sssctl
https://notcve.org/view.php?id=CVE-2021-3621
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo en SSSD, donde el comando sssctl era vulnerable a la inyección de comandos de shell por medio de los subcomandos logs-fetch y cache-expire. Este fallo permite a un atacante engañar al usuario root para que ejecute un comando sssctl especialmente diseñado, por ejemplo por medio de sudo, para conseguir acceso de root. • https://bugzilla.redhat.com/show_bug.cgi?id=1975142 https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html https://sssd.io/release-notes/sssd-2.6.0.html https://access.redhat.com/security/cve/CVE-2021-3621 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2021-3635 – kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
https://notcve.org/view.php?id=CVE-2021-3635
A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. Se ha detectado un fallo en la implementación del netfilter del kernel de Linux en versiones anteriores a 5.5-rc7. Un usuario con acceso de root (CAP_SYS_ADMIN) es capaz de hacer entrar en pánico al sistema cuando emite comandos netfilter netflow. A flaw was found in the Linux kernel netfilter implementation. • https://bugzilla.redhat.com/show_bug.cgi?id=1976946 https://access.redhat.com/security/cve/CVE-2021-3635 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 1CVE-2021-3573 – kernel: use-after-free in function hci_sock_bound_ioctl()
https://notcve.org/view.php?id=CVE-2021-3573
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5. Se detectó un uso de la memoria previamente liberada en la función hci_sock_bound_ioctl() del subsistema HCI del kernel de Linux en la manera en que el usuario llama a ioct HCIUNBLOCKADDR o de otra manera desencadena una condición de carrera de la llamada hci_unregister_dev() junto con una de las llamadas hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). Un usuario local privilegiado podría usar este fallo para bloquear el sistema o escalar sus privilegios en el sistema. • http://www.openwall.com/lists/oss-security/2023/07/02/1 https://bugzilla.redhat.com/show_bug.cgi?id=1966578 https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52 https://www.openwall.com/lists/oss-security/2021/06/08/2 https://access.redhat.com/security/cve/CVE-2021-3573 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •