CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 0CVE-2024-28834 – Gnutls: vulnerable to minerva side-channel information leak
https://notcve.org/view.php?id=CVE-2024-28834
21 Mar 2024 — A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. Se encontró una falla en GnuTLS. El ataque Minerva es una vulnerabilidad criptográfica que explota el comportamiento determinista en sistemas ... • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-28835 – Gnutls: potential crash during chain building/verification
https://notcve.org/view.php?id=CVE-2024-28835
21 Mar 2024 — A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. Se ha descubierto una falla en GnuTLS donde se puede inducir una falla de la aplicación al intentar verificar un paquete .pem especialmente manipulado usando el comando "certtool --verify-chain". USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered tha... • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-248: Uncaught Exception •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-46841 – x86: shadow stack vs exceptions from emulation stubs
https://notcve.org/view.php?id=CVE-2023-46841
20 Mar 2024 — Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses are accompanied by so called "shadow stacks", holding little more than return addresses. Shadow stacks aren't writable by normal instructions, and upon function returns their contents are used to check for possi... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-46840 – VT-d: Failure to quarantine devices in !HVM builds
https://notcve.org/view.php?id=CVE-2023-46840
20 Mar 2024 — Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen. Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen. Multiple vulnerabilities have been discovered in Xen, the worst of which could lead to privilege escalation. Versions greater than or equal to 4.17.4 are affected. • https://xenbits.xenproject.org/xsa/advisory-450.html •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-46839 – pci: phantom functions assigned to incorrect contexts
https://notcve.org/view.php?id=CVE-2023-46839
20 Mar 2024 — PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context setup, but failure to setup the context is not fatal when the device is assigned. Not failing device assignment when such failure happens can lead to the primary device being assigned to a guest, while some of the ... • https://xenbits.xenproject.org/xsa/advisory-449.html •
CVSS: 7.7EPSS: 0%CPEs: 11EXPL: 0CVE-2024-0793 – Kube-controller-manager: malformed hpa v1 manifest causes crash
https://notcve.org/view.php?id=CVE-2024-0793
20 Mar 2024 — A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn. Red Hat OpenShift Container Platform release 4.12.53 is now available with updates to packages and images that fix several bugs and add enhancements. • https://access.redhat.com/errata/RHSA-2024:0741 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2024-2616 – Mozilla: Improve handling of out-of-memory conditions in ICU
https://notcve.org/view.php?id=CVE-2024-2616
19 Mar 2024 — To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR < 115.9 and Thunderbird < 115.9. Para proteger a la UCI contra la explotación, el comportamiento de las condiciones de falta de memoria se cambió para que falle en lugar de intentar continuar. Esta vulnerabilidad afecta a Firefox ESR <115.9 y Thunderbird <115.9. The Mozilla Foundation Security Advisory describes this flaw as: To harde... • https://bugzilla.mozilla.org/show_bug.cgi?id=1846197 •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2024-2614 – Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
https://notcve.org/view.php?id=CVE-2024-2614
19 Mar 2024 — Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Errores de seguridad de la memoria presentes en Firefox 123, Firefox ESR 115.8 y Thunderbird 115.8. Algunos de estos errores mostraron evidencia de corrupción de memoria y suponemos... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685358%2C1861016%2C1880405%2C1881093 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 35EXPL: 0CVE-2024-2612 – Mozilla: Self referencing object could have potentially led to a use-after-free
https://notcve.org/view.php?id=CVE-2024-2612
19 Mar 2024 — If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Si un atacante pudiera encontrar una manera de activar una ruta de código particular en `SafeRefPtr`, podría haber provocado un bloqueo o potencialmente aprovecharse para lograr la ejecución del código. Esta vulnerabilidad afecta a Firefox < 124, Fire... • https://bugzilla.mozilla.org/show_bug.cgi?id=1879444 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-2611 – Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions
https://notcve.org/view.php?id=CVE-2024-2611
19 Mar 2024 — A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Una demora faltante en el momento en que se usó el bloqueo del puntero podría haber permitido que una página maliciosa engañara a un usuario para que otorgara permisos. Esta vulnerabilidad afecta a Firefox < 124, Firefox ESR < 115.9 y Thunderbird < 115.9. The Mozilla Foundation Security Ad... • https://bugzilla.mozilla.org/show_bug.cgi?id=1876675 • CWE-449: The UI Performs the Wrong Action •