CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-2078 – kernel: buffer overflow in nft_set_desc_concat_parse()
https://notcve.org/view.php?id=CVE-2022-2078
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. Se ha encontrado una vulnerabilidad en la función nft_set_desc_concat_parse() del kernel de Linux. Este fallo permite a un atacante desencadenar un desbordamiento de búfer por medio de la función nft_set_desc_concat_parse() , causando una denegación de servicio y posiblemente una ejecución de código • https://github.com/delsploit/CVE-2022-2078 https://bugzilla.redhat.com/show_bug.cgi?id=2096178 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_tables_api.c?id=fecf31ee395b0295f2d7260aa29946b7605f7c85 https://www.debian.org/security/2022/dsa-5161 https://access.redhat.com/security/cve/CVE-2022-2078 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0207 – vdsm: disclosure of sensitive values in log files
https://notcve.org/view.php?id=CVE-2022-0207
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. Se encontró una condición de carrera en vdsm. Funcionalidad para ofuscar valores sensibles en archivos de registro que puede conllevar a que los valores sean almacenados en texto sin cifrar. • https://access.redhat.com/security/cve/CVE-2022-0207 https://bugzilla.redhat.com/show_bug.cgi?id=2033697 https://bugzilla.redhat.com/show_bug.cgi?id=2039248 https://gerrit.ovirt.org/c/vdsm/+/118025 https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 1CVE-2022-27666 – kernel: buffer overflow in IPsec ESP transformation code
https://notcve.org/view.php?id=CVE-2022-27666
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el código de transformación de IPsec ESP en net/ipv4/esp4.c y net/ipv6/esp6.c. Este fallo permite a un atacante local con un privilegio de usuario normal sobrescribir los objetos de la pila del núcleo y puede causar una amenaza de escalada de privilegios local • https://github.com/plummm/CVE-2022-27666 https://bugzilla.redhat.com/show_bug.cgi?id=2061633 https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 https://security.netapp.com/advisory/ntap-20220429-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-27666 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 1CVE-2022-1011 – kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
https://notcve.org/view.php?id=CVE-2022-1011
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una escalada de privilegios Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. • https://github.com/xkaneiki/CVE-2022-1011 https://bugzilla.redhat.com/show_bug.cgi?id=2064855 https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-1011 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 60EXPL: 2CVE-2022-0435 – kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
https://notcve.org/view.php?id=CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. Se ha encontrado un fallo de desbordamiento de pila en la funcionalidad del protocolo TIPC del kernel de Linux en la forma en que un usuario envía un paquete con contenido malicioso cuando el número de nodos miembros del dominio es superior a los 64 permitidos. Este fallo permite a un usuario remoto bloquear el sistema o posiblemente escalar sus privilegios si presenta acceso a la red TIPC A stack overflow flaw was found in the Linux kernel’s TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. • https://github.com/wlswotmd/CVE-2022-0435 https://bugzilla.redhat.com/show_bug.cgi?id=2048738 https://security.netapp.com/advisory/ntap-20220602-0001 https://www.openwall.com/lists/oss-security/2022/02/10/1 https://access.redhat.com/security/cve/CVE-2022-0435 • CWE-787: Out-of-bounds Write •