CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 1CVE-2021-3631 – libvirt: Insecure sVirt label generation
https://notcve.org/view.php?id=CVE-2021-3631
01 Oct 2021 — A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. Se ha encontrado un fallo en libvirt mientras genera pares de categorías MCS de SELinux para las etiquetas dinámicas de las máquinas virtuales. Este defecto permite que un huésped explotado acceda a ar... • https://access.redhat.com/errata/RHSA-2021:3631 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.0EPSS: 0%CPEs: 68EXPL: 1CVE-2021-3609 – kernel: race condition in net/can/bcm.c leads to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-3609
23 Jun 2021 — .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. Se ha encontrado un fallo en el protocolo de red CAN BCM en el kernel de Linux, donde un atacante local puede abusar de un fallo en el subsistema CAN para corromper la memoria, bloquear el sistema o escalar privil... • https://bugzilla.redhat.com/show_bug.cgi?id=1971651 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •