Page 21 of 982 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29648

https://notcve.org/view.php?id=CVE-2021-29648

An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt (in map_create in kernel/bpf/syscall.c or check_btf_info in kernel/bpf/verifier.c), aka CID-350a5c4dd245. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 5.11.11. El subsistema BPF no considera adecuadamente que resolved_ids y resolved_sizes están intencionadamente sin inicializar en el Formato de Tipo BPF (BTF) de vmlinux, lo que puede causar un fallo del sistema ante un intento de acceso inesperado (en map_create en kernel/bpf/syscall.c o check_btf_info en kernel/bpf/verifier.c), también conocido como CID-350a5c4dd245. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=350a5c4dd2452ea999cc5e1d4a8dbf12de2f97ef https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29649

https://notcve.org/view.php?id=CVE-2021-29649

An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/preload/bpf_preload_kern.c, aka CID-f60a85cad677. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 5.11.11. El controlador de modo de usuario (UMD) tiene una fuga de memoria copy_process(), relacionada con una falta de pasos de limpieza en kernel/usermode_driver.c y kernel/bpf/preload/bpf_preload_kern.c, también conocido como CID-f60a85cad677. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f60a85cad677c4f9bb4cadd764f1d106c38c7cf8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-29650 – kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS

https://notcve.org/view.php?id=CVE-2021-29650

An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 5.11.11. El subsistema netfilter permite a los atacantes causar una denegación de servicio (panic) porque net/netfilter/x_tables.c e include/linux/netfilter/x_tables.h carecen de una barrera de memoria completa al asignar un nuevo valor de tabla, también conocido como CID-175e476b8cdf. A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M https://lists.fedoraproject.org/archives/list/package-announce%40lists.f • CWE-662: Improper Synchronization •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-29424

https://notcve.org/view.php?id=CVE-2021-29424

The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. El módulo Net::Netmask versiones anteriores a 2.0000 para Perl no considera apropiadamente los caracteres cero extraños al comienzo de una cadena de dirección IP, lo que (en algunas situaciones) permite a atacantes omitir el control de acceso basado en direcciones IP • https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBJVLXJSWN6DKSF5ADUEERI6M23R3GGP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JF4CYIZELC3NISB3RMV4OCI4GYBC557B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7JIPQAY5OZ5D3DA7INQILU7SGHTHMWB https://metacpan.org/changes/distribution/Net-Netmask#L11-22 https://security.netapp.com • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2021-1799 – webkitgtk: Access to restricted ports on arbitrary servers via port redirection

https://notcve.org/view.php?id=CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers. Se abordó un problema de redirección de puertos con una comprobación de puertos adicional. Este problema es corregido en macOS Big Sur versión 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS versión 14.4, watchOS versión 7.3, iOS versión 14.4 y iPadOS versión 14.4, Safari versión 14.0.3. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU https://security.gentoo.org/glsa/202104-03 https://support.apple.com/en-us/HT212146 https://support.apple.com/en-us/HT212147 https://support.apple.com/en-us/HT212148 https://support.apple.com/en-us/HT212149 https://support.apple.com/en-us/HT212152 https:/&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •