CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12363 – kernel: Improper input validation in some Intel(R) Graphics Drivers
https://notcve.org/view.php?id=CVE-2020-12363
Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. Una comprobación inapropiada de la entrada en algunos Intel® Graphics Drivers para Windows* versiones anteriores a 26.20.100.7212 y versiones anteriores a 5.5 del kernel de Linux, puede permitir a un usuario privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local A flaw was found in the Linux kernel. Improper input validation in some Intel(R) Graphics Drivers may allow a privileged user to potentially enable a denial of service via local access. • https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html https://access.redhat.com/security/cve/CVE-2020-12363 https://bugzilla.redhat.com/show_bug.cgi?id=1930249 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-26932
https://notcve.org/view.php?id=CVE-2021-26932
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. • http://xenbits.xen.org/xsa/advisory-361.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ebee0eab08594b2bd5db716288a4f1ae5936e9bc https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWQWPWYZRX •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12362 – kernel: Integer overflow in Intel(R) Graphics Drivers
https://notcve.org/view.php?id=CVE-2020-12362
Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access. Un desbordamiento de enteros en el firmware para algunos Intel® Graphics Drivers para Windows* versiones anteriores a 26.20.100.7212 y versiones anteriores a 5.5 del kernel de Linux, puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio de un acceso local A flaw was found in the Linux kernel. An integer overflow in the firmware for some Intel(R) Graphics Drivers may allow a privileged user to potentially enable an escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html https://access.redhat.com/security/cve/CVE-2020-12362 https://bugzilla.redhat.com/show_bug.cgi?id=1930246 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26930
https://notcve.org/view.php?id=CVE-2021-26930
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. • http://xenbits.xen.org/xsa/advisory-365.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=871997bc9e423f05c7da7c9178e62dde5df2a7f8 https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWQWPWYZRX •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3348 – kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
https://notcve.org/view.php?id=CVE-2021-3348
nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71. En la función nbd_add_socket en el archivo drivers/block/nbd.c en el kernel de Linux versiones hasta 5.10.12, presenta un uso de la memoria previamente liberada de ndb_queue_rq que podría ser desencadenado por atacantes locales (con acceso al dispositivo nbd) por medio de una petición de E/S en un punto determinado durante la configuración del dispositivo, también se conoce como CID-b98e762e3d71 A use after free flaw in the Linux kernel network block device (NBD) subsystem was found in the way user calls an ioctl NBD_SET_SOCK at a certain point during device setup. • http://www.openwall.com/lists/oss-security/2021/02/01/1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b98e762e3d71e893b221f871825dc64694cfb258 https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://www.openwall.com/lists/oss-security/2021/01/28/3 https://access.redhat.com/security/cve/CVE-2021-3348 https://bugzilla.redhat.com/show_bug.cgi?id=1921958 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •