CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-28356
https://notcve.org/view.php?id=CVE-2022-28356
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. En el kernel de Linux versiones anteriores a 5.17.1, se encontró un bug de filtrado de refcount en el archivo net/llc/af_llc.c • http://www.openwall.com/lists/oss-security/2022/04/06/1 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1 https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220506-0006 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1154 – Use after free in utf_ptr2char in vim/vim
https://notcve.org/view.php?id=CVE-2022-1154
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Un uso de memoria previamente liberada en utf_ptr2char en el repositorio de GitHub vim/vim versiones anteriores a 8.2 A heap use-after-free vulnerability was found in Vim's utf_ptr2char() function of the src/mbyte.c file. This flaw occurs because vim is using a buffer line after it has been freed in the old regexp engine. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. • https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5 https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL https://secur • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24763 – Infinite Loop in PJSIP
https://notcve.org/view.php?id=CVE-2022-24763
PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds. PJSIP es una biblioteca de comunicación multimedia gratuita y de código abierto escrita en lenguaje C. • https://github.com/pjsip/pjproject/commit/856f87c2e97a27b256482dbe0d748b1194355a21 https://github.com/pjsip/pjproject/security/advisories/GHSA-5x45-qp78-g4p4 https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html https://security.gentoo.org/glsa/202210-37 https://www.debian.org/security/2022/dsa-5285 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1122 – openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer
https://notcve.org/view.php?id=CVE-2022-1122
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. Se ha encontrado un fallo en el programa opj2_decompress de openjpeg2 versión 2.4.0, en la forma en que maneja un directorio de entrada con un gran número de archivos. Cuando no asigna un búfer para almacenar los nombres de los archivos del directorio de entrada, llama a free() sobre un puntero no inicializado, conllevando a un fallo de segmentación y una denegación de servicio A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. • https://github.com/uclouvain/openjpeg/issues/1368 https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4 https://security.gentoo.org/glsa/202209-04 https: • CWE-665: Improper Initialization CWE-824: Access of Uninitialized Pointer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-26291
https://notcve.org/view.php?id=CVE-2022-26291
lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted Irz file. Se ha detectado que lrzip versión v0.641, contiene una concurrencia múltiple de uso de memoria previamente liberada entre las funciones zpaq_decompress_buf() y clear_rulist(). Esta vulnerabilidad permite a atacantes causar una Denegación de Servicio (DoS) por medio de un archivo Irz diseñado • https://github.com/ckolivas/lrzip/issues/206 https://lists.debian.org/debian-lts-announce/2022/04/msg00012.html https://www.debian.org/security/2022/dsa-5145 • CWE-416: Use After Free •