CVE-2019-12527 – squid: heap-based buffer overflow in HttpHeader::getAuth
https://notcve.org/view.php?id=CVE-2019-12527
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data. Se detectó un problema en Squid versiones 4.0.23 hasta 4.7. Al comprobar la autenticación básica con la función HttpHeader::getAuth, Squid utiliza un búfer global para almacenar los datos descodificados. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html http://www.securityfocus.com/bid/109143 http://www.squid-cache.org/Versions/v4/changesets http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch https://access.redhat.com/errata/RHSA-2019:2593 https://github.com/squid-cache/squid/commits/v4 https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2019-13313 – Libosinfo: osinfo-install-script option leaks password via command line argument
https://notcve.org/view.php?id=CVE-2019-13313
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. libosinfo versión 1.5.0, permite a los usuarios locales descubrir credenciales mediante la enumeración de un proceso, porque las credenciales son pasadas en un script de instalación de osinfo por medio de la línea de comandos. A flaw was found in libosinfo, version 1.5.0, where the script for automated guest installations, 'osinfo-install-script', accepts user and admin passwords via command line arguments. This could allow guest passwords to leak to other system users via a process listing. • http://www.openwall.com/lists/oss-security/2019/07/08/3 https://access.redhat.com/errata/RHSA-2019:3387 https://gitlab.com/libosinfo/libosinfo/-/tags https://gitlab.com/libosinfo/libosinfo/blob/master/NEWS https://libosinfo.org/download https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZU4IPPIR73NYC6E733QR26O5ZI6MMKJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEZUZKC6YK4E3NXM7XKZOXY5X5PJSPIR https://lists.fedoraproject • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-12817 – kernel: ppc: unrelated processes being able to read/write to each other's virtual memory
https://notcve.org/view.php?id=CVE-2019-12817
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected. En el archivo arch/powerpc/mm/mmu_context_book3s64.c en el kernel de Linux anterior a versión 5.1.15 para powerpc, presenta un error (bug) por el cual procesos no relacionados pueden leer y escribir en la memoria virtual de otros bajo ciertas condiciones por medio de un mmap superior a 512 TB. Sólo un subconjunto de sistemas powerpc están afectados. A flaw was found in the way the Linux kernel's memory subsystem on certain 64-bit PowerPCs with the hash page table MMU handled memory above 512TB. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html http://www.openwall.com/lists/oss-security/2019/06/24/5 http://www.securityfocus.com/bid/108884 https://access.redhat.com/errata/RHSA-2019:2703 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.15 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ca72d88378b2f2444d3ec145dd442d449d3fefbc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/messag • CWE-787: Out-of-bounds Write •
CVE-2019-10126 – kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
https://notcve.org/view.php?id=CVE-2019-10126
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences. Se encontró un defecto en el kernel de Linux. Un desbordamiento de búfer en la región heap de la memoria en la función mwifiex_uap_parse_tail_ies en el archivo drivers/net/wireless/marvell/mwifiex/ie.c, podría provocar corrupción de la memoria y posiblemente otras consecuencias. A flaw was found in the mwifiex implementation in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://www.securityfocus.com/bid/108817 https://access.redhat.com/errat • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2019-11356 – cyrus-imapd: buffer overflow in CalDAV request handling triggered by a long iCalendar property name
https://notcve.org/view.php?id=CVE-2019-11356
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. La función CalDAV en httpd en Cyrus IMAP 2.5.x a 2.5.12 y 3.0.x a 3.0.9 permite a los atacantes remotos ejecutar código arbitrario a través de una operación HTTP PUT diseñada para un evento con un nombre de propiedad largo de iCalendar. A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. • https://access.redhat.com/errata/RHSA-2019:1771 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGO43JS7IFDNITHXOOHOP6JHRKRDIYY6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PICSZDC3UGEUZ27VXGGM6OFI67D3KKLZ https://seclists.org/bugtraq/2019/Jun/9 https://usn.ubuntu.com/4566-1 https://www.cyrusimap.org/imap/download/release-notes/2.5/index.html https://www.cyrusimap.org/imap/download/release-notes/2.5/x/2.5.13& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •