CVSS: 6.5EPSS: 0%CPEs: 1575EXPL: 2CVE-2022-40982 – hw: Intel: Gather Data Sampling (GDS) side channel vulnerability
https://notcve.org/view.php?id=CVE-2022-40982
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. La exposición de información a través del estado microarquitectónico tras la ejecución transitoria en determinadas unidades de ejecución vectorial de algunos procesadores Intel(R) puede permitir a un usuario autenticado la divulgación potencial de información a través del acceso local. A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html https://access.redhat.com/solutions/7027704 https://aws.amazon.com/security/security-bulletins/AWS-2023-007 https://downfall.page https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR https://lists.fedoraproject.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy CWE-1342: Information Exposure through Microarchitectural State after Transient Execution •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2022-2127 – Samba: out-of-bounds read in winbind auth_crap
https://notcve.org/view.php?id=CVE-2022-2127
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash. • https://access.redhat.com/errata/RHSA-2023:6667 https://access.redhat.com/errata/RHSA-2023:7139 https://access.redhat.com/errata/RHSA-2024:0423 https://access.redhat.com/errata/RHSA-2024:0580 https://access.redhat.com/security/cve/CVE-2022-2127 https://bugzilla.redhat.com/show_bug.cgi?id=2222791 https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC https:& • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 10EXPL: 1CVE-2023-2602 – libcap: Memory Leak on pthread_create() Error
https://notcve.org/view.php?id=CVE-2023-2602
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory. • https://bugzilla.redhat.com/show_bug.cgi?id=2209114 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf https://access.redhat.com/security/cve/CVE-2023-2602 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 10%CPEs: 8EXPL: 0CVE-2022-46341 – X.Org Server ProcXIPassiveUngrabDevice Improper Validation of Array Index Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46341
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. Se encontró una vulnerabilidad en X.Org. Esta falla de seguridad se produce porque el controlador de la solicitud XIPassiveUngrab accede a la memoria fuera de los límites cuando se invoca con un código clave o un código de botón alto. • https://access.redhat.com/security/cve/CVE-2022-46341 https://bugzilla.redhat.com/show_bug.cgi?id=2151756 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA https://security.gentoo.org/glsa/202305-30 https://ww • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 7%CPEs: 8EXPL: 0CVE-2022-46340 – X.Org Server XTestFakeInput Type Confusion Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-46340
A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order. Se encontró una vulnerabilidad en X.Org. • https://access.redhat.com/security/cve/CVE-2022-46340 https://bugzilla.redhat.com/show_bug.cgi?id=2151755 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWTH3SNJ3GKYDSN7I3QDGWYEPSMWU6EP https://lists.fedoraproject.org/archives/list/package-announce% • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •