Page 22 of 287 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations. El archivo net/sunrpc/xdr.c en el kernel de Linux versiones anteriores a 5.13.4, permite a atacantes remotos causar una denegación de servicio (acceso fuera de los límites de xdr_set_page_base) al llevar a cabo muchas operaciones NFS 4.2 READ_PLUS A flaw was found in the Linux kernel that allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations. The highest threat from this vulnerability is to system availability. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c https://security.netapp.com/advisory/ntap-20210902-0010 https://access.redhat.com/security/cve/CVE-2021-38201 https://bugzilla.redhat.com/show_bug.cgi?id=1992731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. El archivo fs/nfsd/trace.h en el kernel de Linux versiones anteriores a 5.13.4, podría permitir a atacantes remotos causar una denegación de servicio (lectura fuera de los límites en strlen) mediante el envío de tráfico NFS cuando el marco de eventos de rastreo se está usando para nfsd • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://github.com/torvalds/linux/commit/7b08cf62b1239a4322427d677ea9363f0ab677c6 https://security.netapp.com/advisory/ntap-20210902-0010 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1

btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. btrfs en el kernel de Linux versiones anteriores a 5.13.4, permite a atacantes causar una denegación de servicio (bloqueo) por medio de procesos que desencadenan la asignación de nuevos trozos del sistema durante los momentos en que hay una escasez de espacio libre en el space_info del sistema • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://github.com/torvalds/linux/commit/1cb3db1cf383a3c7dbda1aa0ce748b0958759947 https://security.netapp.com/advisory/ntap-20210902-0010 • CWE-667: Improper Locking •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior ** EN DISPUTA ** En el archivo drivers/char/virtio_console.c en el kernel de Linux versiones anteriores a 5.13.4, la corrupción o pérdida de datos puede ser desencadenada por un dispositivo no fiable que suministre un valor buf-)len excediendo el tamaño del buffer. NOTA: El proveedor indica que la citada corrupción de datos no es una vulnerabilidad en ningún caso de uso existente; la validación de la longitud se añadió únicamente para la robustez frente a un comportamiento anómalo del sistema operativo anfitrión. • https://access.redhat.com/security/cve/cve-2021-38160 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46 https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://security.netapp.com/advisory/ntap-20210902-0010 https://www.debian.org/security/2021/dsa-4978 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 1

libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake. Las aplicaciones que usan libcurl pueden pedir un certificado de cliente específico para ser usado en una transferencia. Esto se hace con la opción "CURLOPT_SSLCERT" ("--cert" con la herramienta de línea de comandos).Cuando libcurl se construye para usar la biblioteca TLS nativa de macOS Transporte Seguro, una aplicación puede pedir el certificado del cliente por su nombre o con un nombre de archivo - usando la misma opción. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1234760 https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cuser • CWE-295: Improper Certificate Validation CWE-840: Business Logic Errors •