CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-20320
https://notcve.org/view.php?id=CVE-2021-20320
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem. Se encontró un fallo en s390 eBPF JIT en la función bpf_jit_insn en el archivo arch/s390/net/bpf_jit_comp.c en el kernel de Linux. En este fallo, un atacante local con privilegios de usuario especiales puede omitir el verificador y puede conllevar a un problema de confidencialidad • https://bugzilla.redhat.com/show_bug.cgi?id=2010090 https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh%40anyfinetworks.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 79EXPL: 0CVE-2022-0330 – kernel: possible privileges escalation due to missing TLB flush
https://notcve.org/view.php?id=CVE-2022-0330
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. Se ha encontrado un fallo de acceso aleatorio a la memoria en la funcionalidad del controlador del kernel de la GPU i915 de Linux en la forma en que un usuario puede ejecutar código malicioso en la GPU. Este fallo permite a un usuario local bloquear el sistema o escalar sus privilegios en el mismo A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. • http://www.openwall.com/lists/oss-security/2022/11/30/1 https://bugzilla.redhat.com/show_bug.cgi?id=2042404 https://security.netapp.com/advisory/ntap-20220526-0001 https://www.openwall.com/lists/oss-security/2022/01/25/12 https://access.redhat.com/security/cve/CVE-2022-0330 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2022-25314 – expat: Integer overflow in copyString()
https://notcve.org/view.php?id=CVE-2022-25314
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en copyString An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/560 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa/202209-24 https://security.netapp.com/advisory/ntap-20220303-0008 htt • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2022-25315 – expat: Integer overflow in storeRawNames()
https://notcve.org/view.php?id=CVE-2022-25315
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en storeRawNames An integer overflow was found in expat. The issue occurs in storeRawNames() by abusing the m_buffer expansion logic to allow allocations very close to INT_MAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution. • http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/559 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM https://security.gentoo.org/glsa&# • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 9EXPL: 2CVE-2022-25313 – expat: Stack exhaustion in doctype parsing
https://notcve.org/view.php?id=CVE-2022-25313
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, un atacante puede desencadenar un agotamiento de pila en build_model por medio de una gran profundidad de anidamiento en el elemento DTD A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service. • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313 https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313 http://www.openwall.com/lists/oss-security/2022/02/19/1 https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/558 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU https • CWE-674: Uncontrolled Recursion CWE-770: Allocation of Resources Without Limits or Throttling •