Page 2 of 27 results (0.023 seconds)

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1

CVE-2021-3773 – kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients

https://notcve.org/view.php?id=CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Un fallo en netfilter podría permitir a un atacante conectado a la red inferir información del endpoint de la conexión openvpn para su posterior uso en ataques de red tradicionales • https://github.com/d0rb/CVE-2021-3773 https://bugzilla.redhat.com/show_bug.cgi?id=2004949 https://www.oracle.com/security-alerts/cpujul2022.html https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024 https://access.redhat.com/security/cve/CVE-2021-3773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.4EPSS: 0%CPEs: 35EXPL: 0

CVE-2021-20322 – kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies

https://notcve.org/view.php?id=CVE-2021-20322

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Se encontró un fallo en el procesamiento de los errores ICMP recibidos (fragmento ICMP necesario y redireccionamiento ICMP) en la funcionalidad del kernel de Linux que permite la capacidad de escanear rápidamente los puertos UDP abiertos. Este fallo permite a un usuario remoto fuera de la ruta de acceso omitir efectivamente la aleatorización del puerto de origen UDP. • https://bugzilla.redhat.com/show_bug.cgi?id=2014230 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=4785305c05b25a242e5314cc821f54ade4c18810 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=6457378fe796815c973f631a1904e147d6ee33b1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6&id=67d6d681e15b578c1725bad8ad079e05d1c48a8e https://git.kernel.org/pub/scm/linux/ke • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.9EPSS: 0%CPEs: 36EXPL: 1

CVE-2021-3752 – kernel: possible use-after-free in bluetooth module

https://notcve.org/view.php?id=CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema Bluetooth del kernel de Linux en la forma en que las llamadas de usuario son conectadas al socket y son desconectadas simultáneamente debido a una condición de carrera. Este fallo permite a un usuario bloquear el sistema o escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1999544 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org https://security.netapp.com/advisory/ntap-20220318-0009 https://www.debian.org/security/2022/dsa-5096 https://www.openwall.com/lists/oss-security/2021/09/15/4 https://www.oracle.com/security-alerts/cpujul2022.html https:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2

CVE-2022-0286 – kernel: Local denial of service in bond_ipsec_add_sa

https://notcve.org/view.php?id=CVE-2022-0286

A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. Se ha encontrado un fallo en el kernel de Linux. Una desreferencia de puntero null en la función bond_ipsec_add_sa() puede conllevar a una denegación de servicio local A NULL pointer dereference flaw was found in the Linux kernel’s bonding driver in the way a user bonds non existing or fake device. This flaw allows a local user to crash the system, causing a denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40 https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-0286 https://bugzilla.redhat.com/show_bug.cgi?id=2037019 • CWE-476: NULL Pointer Dereference •

CVSS: 7.4EPSS: 0%CPEs: 33EXPL: 0

CVE-2021-4083 – kernel: fget: check that the fd still exists after getting a ref to it

https://notcve.org/view.php?id=CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. Se ha encontrado un fallo de lectura de memoria previamente liberada en la recolección de basura del kernel de Linux para los manejadores de archivos de socket de dominio Unix en la forma en que los usuarios llaman a close() y fget() simultáneamente y puede potencialmente desencadenar una condición de carrera. Este fallo permite a un usuario local bloquear el sistema o escalar sus privilegios en el sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=2029923 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://security.netapp.com/advisory/ntap-20220217-0005 https://www.debian.org/security/2022/dsa-5096 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-202 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •