CVE-2022-2078 – kernel: buffer overflow in nft_set_desc_concat_parse()
https://notcve.org/view.php?id=CVE-2022-2078
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. Se ha encontrado una vulnerabilidad en la función nft_set_desc_concat_parse() del kernel de Linux. Este fallo permite a un atacante desencadenar un desbordamiento de búfer por medio de la función nft_set_desc_concat_parse() , causando una denegación de servicio y posiblemente una ejecución de código • https://github.com/delsploit/CVE-2022-2078 https://bugzilla.redhat.com/show_bug.cgi?id=2096178 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_tables_api.c?id=fecf31ee395b0295f2d7260aa29946b7605f7c85 https://www.debian.org/security/2022/dsa-5161 https://access.redhat.com/security/cve/CVE-2022-2078 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVE-2022-0207 – vdsm: disclosure of sensitive values in log files
https://notcve.org/view.php?id=CVE-2022-0207
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. Se encontró una condición de carrera en vdsm. Funcionalidad para ofuscar valores sensibles en archivos de registro que puede conllevar a que los valores sean almacenados en texto sin cifrar. • https://access.redhat.com/security/cve/CVE-2022-0207 https://bugzilla.redhat.com/show_bug.cgi?id=2033697 https://bugzilla.redhat.com/show_bug.cgi?id=2039248 https://gerrit.ovirt.org/c/vdsm/+/118025 https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2021-3669 – kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts
https://notcve.org/view.php?id=CVE-2021-3669
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. Se ha encontrado un fallo en el kernel de Linux. La medición del uso de la memoria compartida no escala con grandes recuentos de segmentos de memoria compartida, lo que podría conllevar a el agotamiento de recursos y el DoS. • https://access.redhat.com/security/cve/CVE-2021-3669 https://bugzilla.redhat.com/show_bug.cgi?id=1980619 https://bugzilla.redhat.com/show_bug.cgi?id=1986473 https://security-tracker.debian.org/tracker/CVE-2021-3669 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-20316 – samba: Symlink race error can allow metadata read and modify outside of the exported share
https://notcve.org/view.php?id=CVE-2021-20316
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. Se ha encontrado un fallo en la forma en que Samba maneja los metadatos de los archivos/directorios. Este fallo permite a un atacante autenticado con permisos para leer o modificar los metadatos del recurso compartido, llevar a cabo esta operación fuera del recurso compartido. • https://access.redhat.com/security/cve/CVE-2021-20316 https://bugzilla.redhat.com/show_bug.cgi?id=2009673 https://bugzilla.samba.org/show_bug.cgi?id=14842 https://security-tracker.debian.org/tracker/CVE-2021-20316 https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2021-20316.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2022-27666 – kernel: buffer overflow in IPsec ESP transformation code
https://notcve.org/view.php?id=CVE-2022-27666
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el código de transformación de IPsec ESP en net/ipv4/esp4.c y net/ipv6/esp6.c. Este fallo permite a un atacante local con un privilegio de usuario normal sobrescribir los objetos de la pila del núcleo y puede causar una amenaza de escalada de privilegios local • https://github.com/plummm/CVE-2022-27666 https://bugzilla.redhat.com/show_bug.cgi?id=2061633 https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 https://security.netapp.com/advisory/ntap-20220429-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-27666 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •