CVE-2020-25643 – kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
https://notcve.org/view.php?id=CVE-2020-25643
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de corrupción de la memoria en el kernel de Linux en versiones anteriores a 5.9-rc7, en el módulo HDLC_PPP en la manera en que recibe paquetes malformados por el protocolo PPP. Un usuario remoto podría usar este fallo para bloquear el sistema o causar una denegación de servicio A flaw was found in the HDLC_PPP module of the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html https://bugzilla.redhat.com/show_bug.cgi?id=1879981 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105 https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/ • CWE-20: Improper Input Validation •
CVE-2020-26541 – kernel: security bypass in certs/blacklist.c and certs/system_keyring.c
https://notcve.org/view.php?id=CVE-2020-26541
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c. El kernel de Linux versiones hasta 5.8.13, no aplica apropiadamente el mecanismo de protección Secure Boot Forbidden Signature Database (también se conoce como dbx). Esto afecta a los archivos certs/blacklist.c y certs/system_keyring.c A flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem. • https://lkml.org/lkml/2020/9/15/1871 https://access.redhat.com/security/cve/CVE-2020-26541 https://bugzilla.redhat.com/show_bug.cgi?id=1886285 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-26088
https://notcve.org/view.php?id=CVE-2020-26088
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. Una falta de comprobación de CAP_NET_RAW en la creación de sockets NFC en el archivo net/nfc/rawsock.c en el Kernel de Linux versiones anteriores a 5.8.2, podría ser usada por unos atacantes locales para crear sockets sin procesar, omitiendo los mecanismos de seguridad, también se conoce como CID-26896f01467a. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2 https://github.com/torvalds/linux/commit/26896f01467a28651f7a536143fe5ac8449d4041 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https: • CWE-276: Incorrect Default Permissions •
CVE-2020-14390
https://notcve.org/view.php?id=CVE-2020-14390
A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Se encontró un fallo en el kernel de Linux en las versiones anteriores a 5.9-rc6. Cuando se cambia el tamaño de la pantalla, puede ocurrir una escritura de memoria fuera de límites conllevando a una corrupción de la memoria o una denegación de servicio.La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://bugzilla.redhat.com/show_bug.cgi?id=1876788 https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html • CWE-787: Out-of-bounds Write •
CVE-2020-14385 – kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt
https://notcve.org/view.php?id=CVE-2020-14385
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en el kernel de Linux versiones anteriores a 5.9-rc4. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14385 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f4020438fab05364018c91f7e02ebdd192085933 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://usn.ubuntu.com/4576-1 https://access.redhat.com/security/cve/CVE-2020-14385 https://bugzilla.redhat.com/show_bug.cgi?id=1874800 • CWE-131: Incorrect Calculation of Buffer Size •