CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47518
https://notcve.org/view.php?id=CVE-2022-47518
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación del número de canales en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico WILC1000 puede provocar un desbordamiento de búfer de almacenamiento dinámico al copiar la lista de canales operativos desde marcos de administración de Wi-Fi. • https://github.com/torvalds/linux/commit/0cdfa9e6f0915e3d243e2393bfa8a22e12d553b0 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lore.kernel.org/r/20221123153543.8568-5-philipturnbull%40github.com https://security.netapp.com/advisory/ntap-20230113-0007 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47521
https://notcve.org/view.php?id=CVE-2022-47521
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de IEEE80211_P2P_ATTR_CHANNEL_LIST en drivers/net/wireless/microchip/wilc1000/cfg80211.c en el controlador inalámbrico WILC1000 puede desencadenar un desbordamiento de búfer de almacenamiento dinámico al analizar el atributo del canal operativo desde los marcos de administración de Wi-Fi. • https://github.com/torvalds/linux/commit/f9b62f9843c7b0afdaecabbcebf1dbba18599408 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lore.kernel.org/r/20221123153543.8568-4-philipturnbull%40github.com https://security.netapp.com/advisory/ntap-20230113-0007 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47520
https://notcve.org/view.php?id=CVE-2022-47520
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. Se descubrió un problema en el kernel de Linux anterior a 6.0.11. La falta de validación de compensación en drivers/net/wireless/microchip/wilc1000/hif.c en el controlador inalámbrico WILC1000 puede desencadenar una lectura fuera de los límites al analizar un elemento de información Robust Security Network (RSN) de un paquete Netlink. • https://github.com/torvalds/linux/commit/cd21d99e595ec1d8721e1058dcdd4f1f7de1d793 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lore.kernel.org/r/20221123153543.8568-2-philipturnbull%40github.com https://security.netapp.com/advisory/ntap-20230113-0007 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42328
https://notcve.org/view.php?id=CVE-2022-42328
Guests can trigger deadlock in Linux netback driver T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The patch for XSA-392 introduced another issue which might result in a deadlock when trying to free the SKB of a packet dropped due to the XSA-392 handling (CVE-2022-42328). Additionally when dropping packages for other reasons the same deadlock could occur in case of netpoll being active for the interface the xen-netback driver is connected to (CVE-2022-42329). Los invitados pueden provocar un punto muerto en Linux netback driver T. Este registro de información CNA se relaciona con múltiples CVE; el texto explica qué aspectos/vulnerabilidades corresponden a cada CVE.] • http://www.openwall.com/lists/oss-security/2022/12/08/2 http://www.openwall.com/lists/oss-security/2022/12/08/3 http://www.openwall.com/lists/oss-security/2022/12/09/2 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://xenbits.xenproject.org/xsa/advisory-424.txt • CWE-667: Improper Locking •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-3643
https://notcve.org/view.php?id=CVE-2022-3643
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html http://www.openwall.com/lists/oss-security/2022/12/07/2 https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html https://xenbits.xenproject.org/xsa/advisory-423.txt • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •