CVSS: 7.0EPSS: 0%CPEs: 68EXPL: 1CVE-2021-3609 – kernel: race condition in net/can/bcm.c leads to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-3609
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. Se ha encontrado un fallo en el protocolo de red CAN BCM en el kernel de Linux, donde un atacante local puede abusar de un fallo en el subsistema CAN para corromper la memoria, bloquear el sistema o escalar privilegios. Esta condición de carrera en el archivo net/can/bcm.c en el kernel de Linux permite una escalada de privilegios local a root A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1971651 https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463 https://security.netapp.com/advisory/ntap-20220419-0004 https://www.openwall.com/lists/oss-security/2021/06/19/1 https://access.redhat.com/security/cve/CVE-2021-3609 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-35514
https://notcve.org/view.php?id=CVE-2020-35514
An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShift cluster. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. This flaw affects versions before openshift4/ose-machine-config-operator v4.7.0-202105111858.p0. Se ha detectado un fallo de modificación no segura en el archivo /etc/kubernetes/kubeconfig en OpenShift. • https://bugzilla.redhat.com/show_bug.cgi?id=1914714 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-1761
https://notcve.org/view.php?id=CVE-2020-1761
A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim's browser. This flaw affects openshift/console versions before openshift/console-4. Se encontró un fallo en la consola web de OpenShift, donde el token de acceso es guardado en el almacenamiento local del navegador. Un atacante puede usar este fallo para obtener el token de acceso por medio de un acceso físico o un ataque de tipo XSS en el navegador de la víctima. • https://bugzilla.redhat.com/show_bug.cgi?id=1813788 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3495 – kiali/kiali-operator: can deploy specified image to any namespace
https://notcve.org/view.php?id=CVE-2021-3495
An incorrect access control flaw was found in the kiali-operator in versions before 1.33.0 and before 1.24.7. This flaw allows an attacker with a basic level of access to the cluster (to deploy a kiali operand) to use this vulnerability and deploy a given image to anywhere in the cluster, potentially gaining access to privileged service account tokens. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de control de acceso incorrecto en kiali-operator en versiones anteriores a 1.33.0 y versiones anteriores a 1.24.7. este fallo permite a un atacante con un nivel básico de acceso al clúster (para implementar un operando kiali) usar esta vulnerabilidad e implementar una imagen determinada en cualquier lugar del clúster, potencialmente consiguiendo acceso a tokens de cuentas de servicio privilegiadas. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos, así como la disponibilidad del sistema An incorrect access control flaw was found in the kiali-operator. • https://bugzilla.redhat.com/show_bug.cgi?id=1947361 https://kiali.io/news/security-bulletins/kiali-security-003 https://access.redhat.com/security/cve/CVE-2021-3495 • CWE-281: Improper Preservation of Permissions •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25014 – istio-pilot: requests to debug api can result in panic
https://notcve.org/view.php?id=CVE-2019-25014
A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic (resulting in a denial of service to the istio-pilot application). Se encontró una desreferencia del puntero NULL en el archivo pkg/proxy/envoy/v2/debug.go en la función getResourceVersion en Istio pilot versiones anteriores a 1.5.0-alpha.0. Si es realizado una petición HTTP GET en particular al endpoint de la API pilot, es posible que el tiempo de ejecución de Go entre en pánico (resultando en una denegación de servicio para la aplicación istio-pilot) An out-of-bounds read flaw was found in istio-pilot. This flaw allows an attacker to send a crafted HTTP GET request to the pilot debug API endpoint. • https://bugzilla.redhat.com/show_bug.cgi?id=1919066 https://github.com/istio/istio/compare/1.4.2...1.5.0-alpha.0 https://access.redhat.com/security/cve/CVE-2019-25014 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •