CVE-2021-4034 – Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-4034
A local privilege escalation vulnerability was found on polkit's pkexec utility. ... When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. • id=2025869 https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034 https://www.starwindsoftware.com/security/sw-20220818-0001 https://www.suse.com/support/kb/doc/? • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVE-2021-22600 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22600
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://security.netapp.com/advisory/ntap-20230110-0002 https://www.debian.org/security/2022/dsa-5096 • CWE-415: Double Free •
CVE-2022-23120
https://notcve.org/view.php?id=CVE-2022-23120
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. • https://success.trendmicro.com/solution/000290104 https://www.modzero.com/advisories/MZ-21-02-Trendmicro.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2021-4154 – kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout
https://notcve.org/view.php?id=CVE-2021-4154
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. Se encontró un defecto de uso de memoria previamente liberada en la función cgroup1_parse_param en el archivo kernel/cgroup/cgroup-v1.c en el analizador cgroup v1 del kernel de Linux. Un atacante local con un privilegio de usuario podría causar una escalada de privilegios al explotar el parámetro de syscall fsconfig, conllevando a una ruptura del contenedor y una denegación de servicio en el sistema • https://github.com/Markakd/CVE-2021-4154 https://github.com/veritas501/CVE-2021-4154 https://bugzilla.redhat.com/show_bug.cgi?id=2034514 https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b https://security.netapp.com/advisory/ntap-20220225-0004 https://access.redhat.com/security/cve/CVE-2021-4154 • CWE-416: Use After Free •
CVE-2022-0185 – Linux Kernel Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-0185
This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges. • https://github.com/Crusaders-of-Rust/CVE-2022-0185 https://github.com/chenaotian/CVE-2022-0185 https://github.com/veritas501/CVE-2022-0185-PipeVersion https://github.com/featherL/CVE-2022-0185-exploit https://github.com/dcheng69/CVE-2022-0185-Case-Study https://github.com/khaclep007/CVE-2022-0185 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2 https://security.netapp.com/advisory/ntap-20220225-0003 https://www.openwall.com/lists/o • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •