CVSS: 8.8EPSS: 51%CPEs: 6EXPL: 10CVE-2022-2588 – Linux Kernel route4_change Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-2588
10 Aug 2022 — It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Se descubrió que la implementación del filtro cls_route en el kernel de Linux no eliminaba un filtro antiguo de la tabla hash antes de liberarlo si su identificador tenía el valor 0. A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user ... • https://github.com/Markakd/CVE-2022-2588 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2022-1184 – kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image
https://notcve.org/view.php?id=CVE-2022-1184
28 Jul 2022 — A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service. Se ha detectado un fallo de uso de memoria previamente liberada en el archivo fs/ext4/namei.c:dx_insert_block() en el subcomponente del sistema de archivos del kernel de Linux. Este fallo permite a un atacante local con privilegios de usuario causar una denegación de servicio It was discovered that the netli... • https://access.redhat.com/security/cve/CVE-2022-1184 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 31%CPEs: 22EXPL: 10CVE-2022-34918 – kernel: heap overflow in nft_set_elem_init()
https://notcve.org/view.php?id=CVE-2022-34918
04 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.9. • https://packetstorm.news/files/id/168543 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1025: Comparison Using Wrong Factors •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-2084 – sensitive data exposure in cloud-init logs
https://notcve.org/view.php?id=CVE-2022-2084
30 Jun 2022 — Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords. Mike Stroyan discovered that cloud-init could log password hashes when reporting schema failures. An attacker with access to these logs could potentially use this to gain user credentials. • https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 3CVE-2022-29581 – kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c
https://notcve.org/view.php?id=CVE-2022-29581
17 May 2022 — Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posterio... • https://github.com/Nidhi77777/linux-4.19.72_CVE-2022-29581 • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28652 – Ubuntu Security Notice USN-6894-1
https://notcve.org/view.php?id=CVE-2022-28652
17 May 2022 — ~/.config/apport/settings parsing is vulnerable to "billion laughs" attack ~/.config/apport/settings el análisis es vulnerable al ataque de "billion laughs" Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use thi... • https://ubuntu.com/security/notices/USN-5427-1 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28654 – Ubuntu Security Notice USN-6894-1
https://notcve.org/view.php?id=CVE-2022-28654
17 May 2022 — is_closing_session() allows users to fill up apport.log is_closing_session() permite a los usuarios completar apport.log Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sock... • https://ubuntu.com/security/notices/USN-5427-1 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28656 – Ubuntu Security Notice USN-6894-1
https://notcve.org/view.php?id=CVE-2022-28656
17 May 2022 — is_closing_session() allows users to consume RAM in the Apport process is_closing_session() permite a los usuarios consumir RAM en el proceso de Apport Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this iss... • https://ubuntu.com/security/notices/USN-5427-1 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28657 – Ubuntu Security Notice USN-6894-1
https://notcve.org/view.php?id=CVE-2022-28657
17 May 2022 — Apport does not disable python crash handler before entering chroot Apport no desactiva el controlador de fallos de Python antes de ingresar a chroot Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue... • https://ubuntu.com/security/notices/USN-5427-1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-28658 – Ubuntu Security Notice USN-6894-1
https://notcve.org/view.php?id=CVE-2022-28658
17 May 2022 — Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing El análisis de argumentos de Apport maneja mal la división de nombres de archivos en núcleos más antiguos, lo que resulta en suplantación de argumentos Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly... • https://ubuntu.com/security/notices/USN-5427-1 •