Page 26 of 149 results (0.010 seconds)

CVSS: 7.4EPSS: 5%CPEs: 79EXPL: 0

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegación de servicio (salida del demonio o cambio de hora del sistema) mediante la predicción de las marcas de tiempo de transmisión para su uso en paquetes falsificados. La víctima debe confiar en fuentes de tiempo IPv4 no autenticadas. Debe haber un atacante fuera de la ruta que pueda consultar el tiempo desde la instancia ntpd de la víctima A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html http://support.ntp.org/bin/view/Main/NtpBug3596 https://bugs.ntp.org/show_bug.cgi?id=3596 https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200625-0004 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2020-13817 https://bugzilla.redhat.com/show_bug& • CWE-330: Use of Insufficiently Random Values CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 6.5EPSS: 0%CPEs: 45EXPL: 0

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. En la función gadget_dev_desc_UDC_store en el archivo drivers/usb/gadget/configfs.c en el kernel de Linux versión 3.16 hasta la versión 5.6.13, se basa en kstrdup sin considerar la posibilidad de un valor "\0" interno, lo que permite a atacantes desencadenar una lectura fuera de límites, también se conoce como CID-15753588bcd4 • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=d126cf46f829d146dde3e6a8963e095ac6cfcd1c https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15753588bcd4bbffae1cca33c8ced5722477fe1f https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012 • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: 44EXPL: 0

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. El controlador VFIO PCI en el kernel de Linux versiones hasta 5.6.13, maneja inapropiadamente los intentos para acceder al espacio de memoria deshabilitado. A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the read/write devices' MMIO address space when it is disabled, some h/w devices issue an interrupt to the CPU to indicate a fatal error condition, crashing the system. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://www.openwall.com/lists/oss-security/2020/05/19/6 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 2

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. Se detectó un problema en el kernel de Linux versiones anteriores a 5.4.17. El archivo drivers/spi/spi-dw.c, permite a atacantes causar un pánico por medio de llamadas concurrentes a las funciones dw_spi_irq y dw_spi_transfer_one, también se conoce como CID-19b61392c5a8. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19b61392c5a852b4e8a0bf35aecb969983c5932d https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lkml.org/lkml/2020& • CWE-662: Improper Synchronization •

CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función sg_write, carece de una llamada a sg_remove_request en un determinado caso de fallo, también se conoce como CID-83c6f2390040. A vulnerability was found in sg_write in drivers/scsi/sg.c in the SCSI generic (sg) driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid (Sg_fd * sfp) pointer at the time of failure, also possibly causing a kernel internal information leak problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-416: Use After Free •