CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-27651 – buildah: Default inheritable capabilities for linux container should be empty
https://notcve.org/view.php?id=CVE-2022-27651
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity. Se ha encontrado un fallo en buildah por el que los contenedores eran iniciados incorrectamente con permisos por defecto no vacíos. Se ha encontrado un bug en Moby (Docker Engine) donde los contenedores eran iniciados incorrectamente con capacidades de proceso Linux heredables no vacías, permitiendo a un atacante con acceso a programas con capacidades de archivo heredables elevar esas capacidades al conjunto permitido cuando execve(2) se ejecuta. • https://bugzilla.redhat.com/show_bug.cgi?id=2066840 https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org& • CWE-276: Incorrect Default Permissions •
CVSS: 3.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-35501
https://notcve.org/view.php?id=CVE-2020-35501
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem Se ha encontrado un fallo en la implementación de reglas de auditoría en los kernels de Linux, donde una llamada al sistema puede no ser registrada correctamente por el subsistema de auditoría • https://bugzilla.redhat.com/show_bug.cgi?id=1908577 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-27191 – golang: crash in a golang.org/x/crypto/ssh server
https://notcve.org/view.php?id=CVE-2022-27191
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. El paquete golang.org/x/crypto/ssh anterior a 0.0.0-20220314234659-1baeb1ce4c0b para Go permite a un atacante bloquear un servidor en ciertas circunstancias que implican AddHostKey A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. • https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/-cp44ypCT5s https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF https://lists.fedoraproject.org/archives/list/package-announce%40lis • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 1CVE-2022-1011 – kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
https://notcve.org/view.php?id=CVE-2022-1011
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una escalada de privilegios Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. • https://github.com/xkaneiki/CVE-2022-1011 https://bugzilla.redhat.com/show_bug.cgi?id=2064855 https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-1011 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 17%CPEs: 8EXPL: 0CVE-2022-0711 – haproxy: Denial of service via set-cookie2 header
https://notcve.org/view.php?id=CVE-2022-0711
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability. Se ha encontrado un fallo en la forma en que HAProxy procesa las respuestas HTTP que contienen el encabezado "Set-Cookie2". Este fallo podría permitir a un atacante enviar paquetes de respuesta HTTP diseñados que conllevaran a un bucle infinito, resultando eventualmente en una situación de denegación de servicio. • https://access.redhat.com/security/cve/cve-2022-0711 https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8 https://www.debian.org/security/2022/dsa-5102 https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html https://access.redhat.com/security/cve/CVE-2022-0711 https://bugzilla.redhat.com/show_bug.cgi?id=2053666 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •