Page 33 of 726 results (0.019 seconds)

CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1

CVE-2021-3773 – kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients

https://notcve.org/view.php?id=CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Un fallo en netfilter podría permitir a un atacante conectado a la red inferir información del endpoint de la conexión openvpn para su posterior uso en ataques de red tradicionales • https://github.com/d0rb/CVE-2021-3773 https://bugzilla.redhat.com/show_bug.cgi?id=2004949 https://www.oracle.com/security-alerts/cpujul2022.html https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024 https://access.redhat.com/security/cve/CVE-2021-3773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-0487

https://notcve.org/view.php?id=CVE-2022-0487

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1. Se ha encontrado una vulnerabilidad de uso de memoria previamente liberada en la función rtsx_usb_ms_drv_remove en el archivo drivers/memstick/host/rtsx_usb_ms.c en memstick en el kernel de Linux. En este fallo, un atacante local con un privilegio de usuario puede afectar a la confidencialidad del sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=2044561 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://www.debian.org/security/2022/dsa-5095 https://www.debian.org/security/2022/dsa-5096 • CWE-416: Use After Free •

CVSS: 7.9EPSS: 0%CPEs: 36EXPL: 1

CVE-2021-3752 – kernel: possible use-after-free in bluetooth module

https://notcve.org/view.php?id=CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema Bluetooth del kernel de Linux en la forma en que las llamadas de usuario son conectadas al socket y son desconectadas simultáneamente debido a una condición de carrera. Este fallo permite a un usuario bloquear el sistema o escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1999544 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org https://security.netapp.com/advisory/ntap-20220318-0009 https://www.debian.org/security/2022/dsa-5096 https://www.openwall.com/lists/oss-security/2021/09/15/4 https://www.oracle.com/security-alerts/cpujul2022.html https:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2021-4093 – kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io

https://notcve.org/view.php?id=CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. Se ha encontrado un fallo en el código de AMD de KVM para soportar la Virtualización Segura Encriptada-Estado Encriptado (SEV-ES). Un huésped de KVM que use SEV-ES puede desencadenar lecturas y escrituras fuera de límites en el núcleo anfitrión por medio de un VMGEXIT malicioso para una instrucción de E/S de cadena (por ejemplo, outs o ins) usando el motivo de salida SVM_EXIT_IOIO. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2222 https://bugzilla.redhat.com/show_bug.cgi?id=2028584 https://access.redhat.com/security/cve/CVE-2021-4093 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 2

CVE-2021-4154 – kernel: local privilege escalation by exploiting the fsconfig syscall parameter leads to container breakout

https://notcve.org/view.php?id=CVE-2021-4154

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. Se encontró un defecto de uso de memoria previamente liberada en la función cgroup1_parse_param en el archivo kernel/cgroup/cgroup-v1.c en el analizador cgroup v1 del kernel de Linux. Un atacante local con un privilegio de usuario podría causar una escalada de privilegios al explotar el parámetro de syscall fsconfig, conllevando a una ruptura del contenedor y una denegación de servicio en el sistema • https://github.com/Markakd/CVE-2021-4154 https://github.com/veritas501/CVE-2021-4154 https://bugzilla.redhat.com/show_bug.cgi?id=2034514 https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b https://security.netapp.com/advisory/ntap-20220225-0004 https://access.redhat.com/security/cve/CVE-2021-4154 • CWE-416: Use After Free •