CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-0322 – kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
https://notcve.org/view.php?id=CVE-2022-0322
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). Se ha encontrado un fallo en la función sctp_make_strreset_req en el archivo net/sctp/sm_make_chunk.c en el protocolo de red SCTP en el kernel de Linux con un acceso de privilegio de usuario local. En este fallo, un intento de usar más búfer del asignado desencadena un problema BUG_ON, conllevando a una denegación de servicio (DOS) • https://bugzilla.redhat.com/show_bug.cgi?id=2042822 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-0322 • CWE-681: Incorrect Conversion between Numeric Types CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.0EPSS: 0%CPEs: 26EXPL: 0CVE-2021-4157 – kernel: Buffer overwrite in decode_nfs_fh function
https://notcve.org/view.php?id=CVE-2021-4157
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system. Se encontró un fallo de escritura fuera de los límites de la memoria (1 o 2 bytes de memoria) en el subsistema NFS del kernel de Linux en la forma en que los usuarios usan el mirroring (replicación de archivos con NFS). Un usuario, que tenga acceso al montaje NFS, podría potencialmente usar este fallo para bloquear el sistema o escalar privilegios en el sistema • https://bugzilla.redhat.com/show_bug.cgi?id=2034342 https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org https://security.netapp.com/advisory/ntap-20220602-0007 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-4157 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 1CVE-2021-4203 – kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
https://notcve.org/view.php?id=CVE-2021-4203
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. Se ha encontrado un fallo de lectura de uso de memoria previamente liberada en la función sock_getsockopt() en el archivo net/core/sock.c debido a la carrera de SO_PEERCRED y SO_PEERGROUPS con listen() (y connect()) en el kernel de Linux. En este fallo, un atacante con privilegios de usuario puede bloquear el sistema o filtrar información interna del kernel A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2230&can=7&q=modified-after%3Atoday-30&sort=-modified&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve&cells=tiles&redir=1 https://bugzilla.redhat.com/show_bug.cgi?id=2036934 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814 https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T https://security.netapp.com/advisory/ntap-20221111-0003 https:&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2021-4150
https://notcve.org/view.php?id=CVE-2021-4150
A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk. Se ha encontrado un fallo de uso de memoria previamente liberada en la función add_partition en el archivo block/partitions/core.c en el kernel de Linux. Un atacante local con privilegios de usuario podría causar una denegación de servicio en el sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=2025938 https://lkml.org/lkml/2021/10/18/485 https://lkml.org/lkml/2021/9/6/781 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2021-4149
https://notcve.org/view.php?id=CVE-2021-4149
A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem. Se encontró una vulnerabilidad en la función btrfs_alloc_tree_b en el archivo fs/btrfs/extent-tree.c en el kernel de Linux debido a una operación de bloqueo inapropiada en btrfs. En este fallo, un usuario con privilegio local puede causar una denegación de servicio (DOS) debido a un problema de bloqueo • https://bugzilla.redhat.com/show_bug.cgi?id=2026485 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lkml.org/lkml/2021/10/18/885 https://lkml.org/lkml/2021/9/13/2565 • CWE-667: Improper Locking •