CVE-2022-23220
https://notcve.org/view.php?id=CVE-2022-23220
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. USBView versiones 2.1 anteriores a 2.2, permite a algunos usuarios locales (por ejemplo, los que son conectados por SSH) ejecutar código arbitrario como root porque determinadas configuraciones de Polkit (por ejemplo, allow_any=yes) para pkexec deshabilitan el requisito de autenticación. Una ejecución de código puede, por ejemplo, usar la opción --gtk-module. • http://www.openwall.com/lists/oss-security/2022/01/22/1 https://github.com/gregkh/usbview/commit/bf374fa4e5b9a756789dfd88efa93806a395463b https://security.gentoo.org/glsa/202310-15 https://www.debian.org/security/2022/dsa-5052 https://www.openwall.com/lists/oss-security/2022/01/21/1 • CWE-306: Missing Authentication for Critical Function •
CVE-2021-3905
https://notcve.org/view.php?id=CVE-2021-3905
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. Se ha encontrado una pérdida de memoria en Open vSwitch (OVS) durante el procesamiento de la fragmentación IP en el espacio de usuario. Un atacante podría usar este fallo para agotar potencialmente la memoria disponible al seguir enviando fragmentos de paquetes. • https://access.redhat.com/security/cve/CVE-2021-3905 https://bugzilla.redhat.com/show_bug.cgi?id=2019692 https://github.com/openvswitch/ovs-issues/issues/226 https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349 https://security.gentoo.org/glsa/202311-16 https://ubuntu.com/security/CVE-2021-3905 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-45417 – aide: heap-based buffer overflow on outputs larger than B64_BUF
https://notcve.org/view.php?id=CVE-2021-45417
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. AIDE versiones anteriores a 0.17.4, permite a usuarios locales obtener privilegios de root por medio de metadatos de archivo diseñados (como atributos extendidos de XFS o ACLs de tmpfs), debido a un desbordamiento de búfer en la región heap de la memoria A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large (<16k) extended file attributes or ACL. • http://www.openwall.com/lists/oss-security/2022/01/20/3 https://lists.debian.org/debian-lts-announce/2022/01/msg00024.html https://security.gentoo.org/glsa/202311-07 https://www.debian.org/security/2022/dsa-5051 https://www.ipi.fi/pipermail/aide/2022-January/001713.html https://www.openwall.com/lists/oss-security/2022/01/20/3 https://access.redhat.com/security/cve/CVE-2021-45417 https://bugzilla.redhat.com/show_bug.cgi?id=2041489 • CWE-787: Out-of-bounds Write •
CVE-2022-20698 – Clam AntiVirus (ClamAV) Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20698
A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. Una vulnerabilidad en el módulo de análisis de OOXML en el software Clam AntiVirus (ClamAV) versión 0.104.1 y LTS versiones 0.103.4 y anteriores, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. • https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html https://security.gentoo.org/glsa/202310-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVE-2021-44420 – django: potential bypass of an upstream access control based on URL paths
https://notcve.org/view.php?id=CVE-2021-44420
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. En Django versiones 2.2 anteriores a 2.2.25, versiones 3.1 anteriores a 3.1.14, y versiones 3.2 anteriores a 3.2.10, las peticiones HTTP para URLs con líneas nuevas al final podían omitir el control de acceso de la corriente principal basado en las rutas de las URLs • https://docs.djangoproject.com/en/3.2/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV https://security.netapp.com/advisory/ntap-20211229-0006 https://www.djangoproject.com/weblog/2021/dec/07/security-releases https://www.openwall.com/lists/oss-security/2021/12/07/1 https://access.redhat.com/security/cve/CVE-2021-44420 https://bugzilla.redhat • CWE-290: Authentication Bypass by Spoofing •