CVE-2024-0333
https://notcve.org/view.php?id=CVE-2024-0333
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High) La validación de datos insuficiente en Extensions de Google Chrome anteriores a 120.0.6099.216 permitió a un atacante en una posición privilegiada de la red instalar una extensión maliciosa a través de una página HTML manipulada. (Severidad de seguridad de Chromium: alta) • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html https://crbug.com/1513379 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BXC7FJIAZRY3P72XC4Z4UOW2QDA7YX7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B •
CVE-2023-41056 – Redis vulnerable to integer overflow in certain payloads
https://notcve.org/view.php?id=CVE-2023-41056
Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. Redis es una base de datos en memoria que persiste en el disco. Redis maneja incorrectamente el cambio de tamaño de los búferes de memoria, lo que puede provocar un desbordamiento de enteros que provoca un desbordamiento del montón y una posible ejecución remota de código. • https://github.com/redis/redis/releases/tag/7.0.15 https://github.com/redis/redis/releases/tag/7.2.4 https://github.com/redis/redis/security/advisories/GHSA-xr47-pcmx-fq2m https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JTGQJ2YLYB24B72I5B5H32YIMPVSWIT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTWHPLC3RI67VNRDOIXLDVNC5YMYBMQN https://security.netapp.com/advisory/ntap-20240223-0003 • CWE-190: Integer Overflow or Wraparound CWE-762: Mismatched Memory Management Routines •
CVE-2023-5455 – Ipa: invalid csrf protection
https://notcve.org/view.php?id=CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. • https://access.redhat.com/errata/RHSA-2024:0137 https://access.redhat.com/errata/RHSA-2024:0138 https://access.redhat.com/errata/RHSA-2024:0139 https://access.redhat.com/errata/RHSA-2024:0140 https://access.redhat.com/errata/RHSA-2024:0141 https://access.redhat.com/errata/RHSA-2024:0142 https://access.redhat.com/errata/RHSA-2024:0143 https://access.redhat.com/errata/RHSA-2024:0144 https://access.redhat.com/errata/RHSA-2024:0145 https://access.redhat.com/errata/RHSA • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-6270 – Kernel: aoe: improper reference count leads to use-after-free vulnerability
https://notcve.org/view.php?id=CVE-2023-6270
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. Se encontró una falla en el controlador ATA sobre Ethernet (AoE) en el kernel de Linux. La función aoecmd_cfg_pkts() actualiza incorrectamente el refcnt en `struct net_device`, y se puede activar el use after free corriendo entre lo libre en la estructura y el acceso a través de la cola global `skbtxq`. • https://access.redhat.com/security/cve/CVE-2023-6270 https://bugzilla.redhat.com/show_bug.cgi?id=2256786 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html • CWE-416: Use After Free •
CVE-2024-0225
https://notcve.org/view.php?id=CVE-2024-0225
Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en WebGPU en Google Chrome anterior a 120.0.6099.199 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html https://crbug.com/1506923 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6C2HN4T2S6GYNTAUXLH45LQZHK7QPHP https://security.gentoo.org/glsa/202401-34 • CWE-416: Use After Free •