CVSS: 9.0EPSS: 25%CPEs: 47EXPL: 21CVE-2019-14287 – sudo 1.8.27 - Security Bypass
https://notcve.org/view.php?id=CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. En Sudo anteriores a 1.8.28, un atacante con acceso a una cuenta Runas ALL sudoer puede omitir ciertas listas negras de políticas y módulos PAM de sesión, y puede causar un registro incorrecto, mediante la invocación sudo con un ID de usuario creado. Por ejemplo, esto permite la omisión de la configuración root y el registro USER= para un comando "sudo -u \#$((0xffffffff))". • https://www.exploit-db.com/exploits/47502 https://github.com/n0w4n/CVE-2019-14287 https://github.com/shallvhack/Sudo-Security-Bypass-CVE-2019-14287 https://github.com/CMNatic/Dockerized-CVE-2019-14287 https://github.com/axax002/sudo-vulnerability-CVE-2019-14287 https://github.com/N3rdyN3xus/CVE-2019-14287 https://github.com/DewmiApsara/CVE-2019-14287 https://github.com/MariliaMeira/CVE-2019-14287 https://github.com/edsonjt81/CVE-2019-14287- https://github.com/SachinthaDeSilva-cmd& • CWE-267: Privilege Defined With Unsafe Actions CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 32EXPL: 1CVE-2019-14823 – JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
https://notcve.org/view.php?id=CVE-2019-14823
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle. Se detectó un fallo en la implementación de la política OCSP "Leaf and Chain" en las versiones de CryptoManager de JSS versiones posteriores a 4.4.6, 4.5.3, 4.6.0, donde confiaba implícitamente en el certificado raíz de una cadena de certificados. Es posible que las aplicaciones que utilizan esta política no verifiquen correctamente la cadena y puedan ser vulnerables a ataques de tipo Man in the Middle. A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. • https://access.redhat.com/errata/RHSA-2019:3067 https://access.redhat.com/errata/RHSA-2019:3225 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY https:& • CWE-295: Improper Certificate Validation CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.8EPSS: 0%CPEs: 41EXPL: 0CVE-2019-8720 – WebKitGTK Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2019-8720
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution. • https://bugzilla.redhat.com/show_bug.cgi?id=1876611 https://webkitgtk.org/security/WSA-2019-0005.html https://access.redhat.com/security/cve/CVE-2019-8720 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.0EPSS: 0%CPEs: 12EXPL: 0CVE-2019-17055 – kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
https://notcve.org/view.php?id=CVE-2019-17055
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. La función base_sock_create en el archivo drivers/isdn/mISDN/socket.c en el módulo de red AF_ISDN en el kernel de Linux versiones hasta 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también se conoce como CID-b91ee4aa2a21. A vulnerability was found in the Linux kernel’s implementation of the AF_ISDN protocol, which does not enforce the CAP_NET_RAW capability. This flaw can allow unprivileged users to create a raw socket for this protocol. This could further allow the user to control the availability of an existing ISDN circuit. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://access.redhat.com/errata/RHSA-2020:0790 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b91ee4aa2 • CWE-250: Execution with Unnecessary Privileges CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0CVE-2019-14821 – Kernel: KVM: OOB memory access via mmio ring buffer
https://notcve.org/view.php?id=CVE-2019-14821
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. Se encontró un problema de acceso fuera de límites en el kernel de Linux, todas las versiones hasta 5.3, en la manera en que el hipervisor KVM del kernel de Linux implementa la operación de escritura MMIO Coalesced. Opera en un objeto MMIO ring buffer "struct kvm_coalesced_mmio", en donde los índices de escritura "ring-)first" y "ring-)last" podrían ser suministrados por un proceso de espacio de usuario del host. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/09/20/1 https://access.redhat.com/errata/RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3517&# • CWE-787: Out-of-bounds Write •