CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-34526
https://notcve.org/view.php?id=CVE-2022-34526
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities. Se ha descubierto un desbordamiento de pila en la función _TIFFVGetField de Tiffsplit v4.4.0. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo TIFF manipulado analizado por las utilidades "tiffsplit" o "tiffcrop" • https://gitlab.com/libtiff/libtiff/-/issues/433 https://gitlab.com/libtiff/libtiff/-/issues/486 https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ https://security.netapp.com/advisory/ntap-20220930-0002 https://www.debian.org/security/2023/dsa-5333 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 https://github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/cve/CVE-2022-36879 https://bugzilla.r • CWE-911: Improper Update of Reference Count •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 1CVE-2022-36946 – kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
https://notcve.org/view.php?id=CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. La función nfqnl_mangle en el archivo net/netfilter/nfnetlink_queue.c en el kernel de Linux versiones hasta 5.18.14, permite a atacantes remotos causar una denegación de servicio (pánico) porque, en el caso de un veredicto nf_queue con un atributo nfta_payload de un byte, un skb_pull puede encontrar un skb-)len negativo A memory corruption flaw was found in the Linux kernel’s Netfilter subsystem in the way a local user uses the libnetfilter_queue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilter_queue is used by a local user. • https://github.com/Pwnzer0tt1/CVE-2022-36946 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://marc.info/?l=netfilter-devel&m=165883202007292&w=2 https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/ •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21569 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21569
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-21569 https://bugzilla.redhat.com/show_bug.cgi?id=2115301 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21556 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21556
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-21556 https://bugzilla.redhat.com/show_bug.cgi?id=2115300 •