CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23645 – Out-of-bounds read in swtpm
https://notcve.org/view.php?id=CVE-2022-23645
18 Feb 2022 — swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.... • https://github.com/stefanberger/swtpm/commit/9f740868fc36761de27df3935513bdebf8852d19 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-20320
https://notcve.org/view.php?id=CVE-2021-20320
18 Feb 2022 — A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem. Se encontró un fallo en s390 eBPF JIT en la función bpf_jit_insn en el archivo arch/s390/net/bpf_jit_comp.c en el kernel de Linux. En este fallo, un atacante local con privilegios de usuario especiales puede omitir el verificador y puede conllevar a un problema de confidencialid... • https://bugzilla.redhat.com/show_bug.cgi?id=2010090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-0135 – Ubuntu Security Notice USN-5309-1
https://notcve.org/view.php?id=CVE-2022-0135
17 Feb 2022 — An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. Se ha encontrado un problema de escritura fuera de límites en el renderizador virtual OpenGL de VirGL (virglrenderer). Este defecto permite a un invitado malicioso crear un recurso virgil especialmente diseñado y luego emitir un ioctl V... • https://bugzilla.redhat.com/show_bug.cgi?id=2037790 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-23177 – libarchive: extracting a symlink with ACLs modifies ACLs of target
https://notcve.org/view.php?id=CVE-2021-23177
17 Feb 2022 — An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. Un fallo de resolución de enlaces inapropiado mientras es extraído un archivo puede conllevar a un cambio de la lista de control de acceso (ACL)... • https://access.redhat.com/security/cve/CVE-2021-23177 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 1CVE-2021-3773 – kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients
https://notcve.org/view.php?id=CVE-2021-3773
16 Feb 2022 — A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Un fallo en netfilter podría permitir a un atacante conectado a la red inferir información del endpoint de la conexión openvpn para su posterior uso en ataques de red tradicionales Red Hat Advanced Cluster Management for Kubernetes 2.5.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges tha... • https://github.com/d0rb/CVE-2021-3773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2022-0561 – libtiff: Denial of Service via crafted TIFF file
https://notcve.org/view.php?id=CVE-2022-0561
11 Feb 2022 — Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712. Un puntero fuente null pasado como argumento a la función memcpy() dentro de TIFFFetchStripThing() en el archivo tif_dirread.c en libtiff versiones 3.9.0 a 4.3.0, podía conllevar a una denegación de servicio por medio de... • https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-4159 – Ubuntu Security Notice USN-5790-1
https://notcve.org/view.php?id=CVE-2021-4159
10 Feb 2022 — A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. Se encontró una vulnerabilidad en el verificador EBPF del kernel de Linux cuando son manejadas estructuras de datos internas. Las ubicaciones de memoria interna ... • https://access.redhat.com/security/cve/CVE-2021-4159 • CWE-202: Exposure of Sensitive Information Through Data Queries •
CVSS: 7.8EPSS: 0%CPEs: 79EXPL: 0CVE-2022-0330 – kernel: possible privileges escalation due to missing TLB flush
https://notcve.org/view.php?id=CVE-2022-0330
10 Feb 2022 — A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. Se ha encontrado un fallo de acceso aleatorio a la memoria en la funcionalidad del controlador del kernel de la GPU i915 de Linux en la forma en que un usuario puede ejecutar código malicioso en la GPU. Este fallo permite a un usuario local bloquear el sistema o escal... • http://www.openwall.com/lists/oss-security/2022/11/30/1 • CWE-281: Improper Preservation of Permissions •
CVSS: 9.0EPSS: 60%CPEs: 60EXPL: 2CVE-2022-0435 – kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
https://notcve.org/view.php?id=CVE-2022-0435
10 Feb 2022 — A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. Se ha encontrado un fallo de desbordamiento de pila en la funcionalidad del protocolo TIPC del kernel de Linux en la forma en que un usuario envía un paquete con contenido m... • https://github.com/wlswotmd/CVE-2022-0435 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 2CVE-2022-0529 – Gentoo Linux Security Advisory 202310-17
https://notcve.org/view.php?id=CVE-2022-0529
09 Feb 2022 — A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en Unzip. La vulnerabilidad se produce durante la conversión de una cadena amplia a una cadena local que conduce a un montón de escritura fuera de límites. • https://github.com/nanaao/unzip_poc • CWE-787: Out-of-bounds Write •