CVSS: 3.2EPSS: 0%CPEs: 5EXPL: 0CVE-2020-25743
https://notcve.org/view.php?id=CVE-2020-25743
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. El archivo hw/ide/pci.c en QEMU versiones anteriores a 5.1.1, puede desencadenar una desreferencia del puntero NULL porque carece de una comprobación de puntero antes de una llamada de ide_cancel_dma_sync • http://www.openwall.com/lists/oss-security/2020/09/29/1 https://bugzilla.redhat.com/show_bug.cgi?id=1881409 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2020-25641 – kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS
https://notcve.org/view.php?id=CVE-2020-25641
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la implementación de biovecs del kernel de Linux en versiones anteriores a 5.9-rc7. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html http://www.openwall.com/lists/oss-security/2020/10/06/9 https://bugzilla.redhat.com/show_bug.cgi?id=1881424 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124 https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/ • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-25643 – kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
https://notcve.org/view.php?id=CVE-2020-25643
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de corrupción de la memoria en el kernel de Linux en versiones anteriores a 5.9-rc7, en el módulo HDLC_PPP en la manera en que recibe paquetes malformados por el protocolo PPP. Un usuario remoto podría usar este fallo para bloquear el sistema o causar una denegación de servicio A flaw was found in the HDLC_PPP module of the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html https://bugzilla.redhat.com/show_bug.cgi?id=1879981 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105 https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/ • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2020-14370 – podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API
https://notcve.org/view.php?id=CVE-2020-14370
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables. Se encontró una vulnerabilidad de divulgación de información en containers/podman en versiones anteriores a 2.0.5. Cuando se usa la API Varlink obsoleta o la API REST compatible con Docker, si son creados varios contenedores en un período corto, las variables de entorno desde el primer contenedor son filtradas hacia los contenedores posteriores. • https://bugzilla.redhat.com/show_bug.cgi?id=1874268 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV https://access.redhat.com/security/cve/CVE-2020-14370 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 1CVE-2020-14331 – kernel: kernel: buffer over write in vgacon_scroll
https://notcve.org/view.php?id=CVE-2020-14331
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en la implementación del kernel de Linux del código de video invertido en consolas VGA cuando un atacante local intenta cambiar el tamaño de la consola, llamando un ioctl VT_RESIZE, lo que causa una escritura fuera de límites. Este fallo permite a un usuario local con acceso a la consola VGA bloquear el sistema, escalando potencialmente sus privilegios en el sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=1858679 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lists.openwall.net/linux-kernel/2020/07/29/234 https://www.openwall.com/lists/oss-security/2020/07/28/2 https://access.redhat.com/security/cve/CVE-2020-14331 • CWE-787: Out-of-bounds Write •