CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-8622 – A truncated TSIG response can lead to an assertion failure
https://notcve.org/view.php?id=CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. En BIND versiones 9.0.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.9.3-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante sobre la ruta de la red para una petición firmada por TSIG, u operando el servidor que recibe la petición firmada por TSIG, podría enviar una respuesta truncada a esa petición, desencadenando un fallo de aserción y causando que el servidor salga. Alternativamente, un atacante fuera de la ruta tendría que adivinar correctamente cuándo fue enviada una petición firmada por TSIG, junto con otras características del paquete y mensaje, y falsificar una respuesta truncada para desencadenar un fallo de aserción, causando la salida del servidor. A flaw was found in bind. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8622 https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security. • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2020-8621 – Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
https://notcve.org/view.php?id=CVE-2020-8621
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected. En BIND versiones 9.14.0 -) 9.16.5, 9.17.0 -) 9.17.3, si un servidor está configurado con minimización de QNAME y "forward first", entonces un atacante que pueda enviarle consultas puede ser capaz de desencadenar la condición que causará que el servidor se bloquee. Los servidores con "forward only" no están afectados. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8621 https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap-20200827-0003 https://usn.ubuntu.com/4468-1 https://www.synology.com/security/advisory/Synology_SA_20_19 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2020-8620
https://notcve.org/view.php?id=CVE-2020-8620
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. En BIND versiones 9.15.6 -) 9.16.5, 9.17.0 -) 9.17.3, un atacante que puede establecer una conexión TCP con el servidor y enviar datos en esa conexión puede explotar esto para desencadenar el fallo de aserción, causando la salida del servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8620 https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap-20200827-0003 https://usn.ubuntu.com/4468-1 https://www.synology.com/security/advisory/Synology_SA_20_19 • CWE-617: Reachable Assertion •
CVSS: 3.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-12829
https://notcve.org/view.php?id=CVE-2020-12829
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service. En QEMU versiones hasta 5.0.0, se encontró un desbordamiento de enteros en la implementación del controlador de pantalla SM501. Este fallo ocurre en la macro COPY_AREA al manejar operaciones de escritura MMIO por medio de la devolución de llamada de sm501_2d_engine_write(). • https://bugzilla.redhat.com/show_bug.cgi?id=1808510 https://usn.ubuntu.com/4467-1 https://www.debian.org/security/2020/dsa-4760 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14415
https://notcve.org/view.php?id=CVE-2020-14415
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. La función oss_write en el archivo audio/ossaudio.c en QEMU versiones anteriores a 5.0.0, maneja inapropiadamente una posición de búfer • https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=7a4ede0047a8613b0e3b72c9d351038f013dd357 https://usn.ubuntu.com/4467-1 • CWE-369: Divide By Zero •