CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2023-42753 – Kernel: netfilter: potential slab-out-of-bound access due to integer underflow
https://notcve.org/view.php?id=CVE-2023-42753
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. Se encontró una vulnerabilidad de indexación de matrices en el subsistema netfilter del kernel de Linux. Una macro faltante podría provocar un error de cálculo del desplazamiento de la matriz `h->nets`, proporcionando a los atacantes la primitiva de incrementar/disminuir arbitrariamente un búfer de memoria fuera de límites. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7382 https://access.redhat.com/errata/RHSA-2023:7389 https://access.redhat.com/errata/RHSA-2023:7411 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7539 https://access.redhat.com/errata/RHSA-2023:7558 h • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-4137 – Keycloak: reflected xss attack
https://notcve.org/view.php?id=CVE-2022-4137
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker. Se encontró una vulnerabilidad reflejada de scross-site scripting (XSS) en el endpoint de OAuth 'oob' debido a un manejo incorrecto de bytes nulos. • https://access.redhat.com/errata/RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1049 https://access.redhat.com/security/cve/CVE-2022-4137 https://bugzilla.redhat.com/show_bug.cgi?id=2148496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-81: Improper Neutralization of Script in an Error Message Web Page •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-5156 – Glibc: dos due to memory leak in getaddrinfo.c
https://notcve.org/view.php?id=CVE-2023-5156
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. Se encontró una falla en la librería GNU C. Una solución reciente para CVE-2023-4806 introdujo la posibilidad de una pérdida de memoria, lo que puede provocar un bloqueo de la aplicación. • http://www.openwall.com/lists/oss-security/2023/10/03/4 http://www.openwall.com/lists/oss-security/2023/10/03/5 http://www.openwall.com/lists/oss-security/2023/10/03/6 http://www.openwall.com/lists/oss-security/2023/10/03/8 https://access.redhat.com/security/cve/CVE-2023-5156 https://bugzilla.redhat.com/show_bug.cgi?id=2240541 https://security.gentoo.org/glsa/202402-01 https://sourceware.org/bugzilla/show_bug.cgi?id=30884 https://sourceware.org/git& • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 0%CPEs: 29EXPL: 0CVE-2023-4806 – Glibc: potential use-after-free in getaddrinfo()
https://notcve.org/view.php?id=CVE-2023-4806
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. Se encontró una falla en glibc. • http://www.openwall.com/lists/oss-security/2023/10/03/4 http://www.openwall.com/lists/oss-security/2023/10/03/5 http://www.openwall.com/lists/oss-security/2023/10/03/6 http://www.openwall.com/lists/oss-security/2023/10/03/8 https://access.redhat.com/errata/RHSA-2023:5453 https://access.redhat.com/errata/RHSA-2023:5455 https://access.redhat.com/errata/RHSA-2023:7409 https://access.redhat.com/security/cve/CVE-2023-4806 https://bugzilla.redhat.com/sho • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 1CVE-2023-4527 – Glibc: stack read overflow in getaddrinfo in no-aaaa mode
https://notcve.org/view.php?id=CVE-2023-4527
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. Se encontró una falla en glibc. Cuando se llama a la función getaddrinfo con la familia de direcciones AF_UNSPEC y el sistema está configurado con el modo no-aaaa a través de /etc/resolv.conf, una respuesta DNS a través de TCP de más de 2048 bytes puede potencialmente revelar el contenido de la pila de memoria a través de los datos de la dirección devuelta por la función, y puede provocar un crash. • http://www.openwall.com/lists/oss-security/2023/09/25/1 https://access.redhat.com/errata/RHSA-2023:5453 https://access.redhat.com/errata/RHSA-2023:5455 https://access.redhat.com/security/cve/CVE-2023-4527 https://bugzilla.redhat.com/show_bug.cgi?id=2234712 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA https: • CWE-121: Stack-based Buffer Overflow CWE-125: Out-of-bounds Read •