CVE-2021-4159
https://notcve.org/view.php?id=CVE-2021-4159
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. Se encontró una vulnerabilidad en el verificador EBPF del kernel de Linux cuando son manejadas estructuras de datos internas. Las ubicaciones de memoria interna podían ser devueltas al espacio de usuario. • https://access.redhat.com/security/cve/CVE-2021-4159 https://bugzilla.redhat.com/show_bug.cgi?id=2036024 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=294f2fc6da27620a506e6c050241655459ccd6bd https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://security-tracker.debian.org/tracker/CVE-2021-4159 • CWE-202: Exposure of Sensitive Information Through Data Queries •
CVE-2022-2978
https://notcve.org/view.php?id=CVE-2022-2978
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. Se encontró un fallo de uso de memoria previamente liberada en el sistema de archivos NILFS del kernel de Linux en la forma en que el usuario desencadena la función security_inode_alloc para que falle con la siguiente llamada a la función nilfs_mdt_destroy. Un usuario local podría usar este fallo para bloquear el sistema o escalar potencialmente sus privilegios en el sistema. • https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91%40hust.edu.cn/T/#u • CWE-416: Use After Free •
CVE-2021-4204 – kernel: improper input validation may lead to privilege escalation
https://notcve.org/view.php?id=CVE-2021-4204
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. Se ha encontrado un fallo de acceso a memoria fuera de límites (OOB) en el eBPF del kernel de Linux debido a una comprobación de entrada inapropiada. Este fallo permite a un atacante local con un privilegio especial bloquear el sistema o filtrar información interna. • https://github.com/tr3ee/CVE-2021-4204 https://access.redhat.com/security/cve/CVE-2021-4204 https://bugzilla.redhat.com/show_bug.cgi?id=2039178 https://security-tracker.debian.org/tracker/CVE-2021-4204 https://security.netapp.com/advisory/ntap-20221228-0003 https://www.openwall.com/lists/oss-security/2022/01/11/4 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2021-3736
https://notcve.org/view.php?id=CVE-2021-3736
A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O (VFIO) Mediated devices. This flaw could allow a local attacker to leak internal kernel information. Se ha encontrado un fallo en el kernel de Linux. Se encontró un problema de pérdida de memoria en la función mbochs_ioctl en el archivo samples/vfio-mdev/mbochs.c en dispositivos mediados por Virtual Function I/O (VFIO). • https://access.redhat.com/security/cve/CVE-2021-3736 https://bugzilla.redhat.com/show_bug.cgi?id=1995570 https://github.com/torvalds/linux/commit/de5494af4815a4c9328536c72741229b7de88e7f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-3659 – kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
https://notcve.org/view.php?id=CVE-2021-3659
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia de puntero NULL en el subsistema de red inalámbrica IEEE versión 802.15.4 del kernel de Linux en la forma en que el usuario cierra la conexión LR-WPAN. Este fallo permite a un usuario local bloquear el sistema. • https://access.redhat.com/security/cve/CVE-2021-3659 https://bugzilla.redhat.com/show_bug.cgi?id=1975949 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8 • CWE-252: Unchecked Return Value CWE-476: NULL Pointer Dereference •