CVSS: 8.8EPSS: 0%CPEs: 26EXPL: 0CVE-2021-28660
https://notcve.org/view.php?id=CVE-2021-28660
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. La función rtw_wx_set_scan en el archivo drivers/staging/rtl8188eu/os_dep/ioctl_linux.c en el kernel de Linux versiones hasta 5.11.6, permite escribir más allá del final de la matriz -)ssid[]. NOTA: desde la perspectiva de las versiones de kernel.org, las ID de CVE no se usan normalmente para drivers/staging/* (trabajo sin terminar); sin embargo, los integradores de sistemas pueden tener situaciones en las que un problema de drivers/staging sea relevante para su propia base de clientes • http://www.openwall.com/lists/oss-security/2022/11/18/1 http://www.openwall.com/lists/oss-security/2022/11/21/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7 https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX https:/&#x • CWE-787: Out-of-bounds Write •
CVSS: 3.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-20239 – kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
https://notcve.org/view.php?id=CVE-2021-20239
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.4.92 en el protocolo BPF. Este fallo permite a un atacante con una cuenta local filtrar información sobre las direcciones internas del kernel. • https://bugzilla.redhat.com/show_bug.cgi?id=1923636 https://access.redhat.com/security/cve/CVE-2021-20239 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-822: Untrusted Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 2CVE-2021-3411
https://notcve.org/view.php?id=CVE-2021-3411
A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.10. Se encontró una violación del acceso a la memoria al detectar un relleno de int3 en el estado de enlace. • http://blog.pi3.com.pl/?p=831 https://bugzilla.redhat.com/show_bug.cgi?id=1928236 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20268
https://notcve.org/view.php?id=CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo de acceso fuera de límites en la implementación del comprobador de código eBPF en el kernel de Linux, en la manera en que un usuario que ejecuta el script eBPF llama a las funciones dev_map_init_map o sock_map_alloc. Este fallo permite a un usuario local bloquear el sistema o posiblemente escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1923816 https://lore.kernel.org/bpf/CACAyw99bEYWJCSGqfLiJ9Jp5YE1ZsZSiJxb4RFUTwbofipf0dA%40mail.gmail.com/T/#m8929643e99bea9c18ed490a7bc2591145eac6444 https://security.netapp.com/advisory/ntap-20210409-0006 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-27365 – kernel: heap buffer overflow in the iSCSI subsystem
https://notcve.org/view.php?id=CVE-2021-27365
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. Se detectó un problema en el kernel de Linux versiones hasta 5.11.3. Determinadas estructuras de datos iSCSI no tienen restricciones de longitud o comprobaciones apropiadas y pueden exceder el valor PAGE_SIZE. • http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html https://bugzilla.suse.com/show_bug.cgi?id=1182715 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5 https://lists.debian.org/debian-lts-announce/2021/03&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •