CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2022-0494 – kernel: information leak in scsi_ioctl()
https://notcve.org/view.php?id=CVE-2022-0494
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. Se ha identificado un fallo de filtrado de información del kernel en la función scsi_ioctl en el archivo drivers/scsi/scsi_ioctl.c en el kernel de Linux. este fallo permite a un atacante local con un privilegio de usuario especial (CAP_SYS_ADMIN o CAP_SYS_RAWIO) crear problemas de confidencialidad • https://bugzilla.redhat.com/show_bug.cgi?id=2039448 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com https://www.debian.org/security/2022/dsa-5161 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-0494 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2022-0854 – kernel: swiotlb information leak with DMA_FROM_DEVICE
https://notcve.org/view.php?id=CVE-2022-0854
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space. Se ha encontrado un fallo de pérdida de memoria en el subsistema DMA del kernel de Linux, en la forma en que un usuario llama a DMA_FROM_DEVICE. Este fallo permite a un usuario local leer memoria aleatoria del espacio del kernel • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5161 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-0854 https://bugzilla.redhat.com/show_bug.cgi?id=2058395 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 1CVE-2022-27666 – kernel: buffer overflow in IPsec ESP transformation code
https://notcve.org/view.php?id=CVE-2022-27666
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el código de transformación de IPsec ESP en net/ipv4/esp4.c y net/ipv6/esp6.c. Este fallo permite a un atacante local con un privilegio de usuario normal sobrescribir los objetos de la pila del núcleo y puede causar una amenaza de escalada de privilegios local • https://github.com/plummm/CVE-2022-27666 https://bugzilla.redhat.com/show_bug.cgi?id=2061633 https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 https://security.netapp.com/advisory/ntap-20220429-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-27666 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 34EXPL: 0CVE-2022-0742 – Memory leak in ICMP6 in Linux Kernel
https://notcve.org/view.php?id=CVE-2022-0742
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. Una pérdida de memoria en la implementación de icmp6 en el Kernel de Linux versión 5.13+, permite a un atacante remoto hacer DoS a un host haciendo que salga de la memoria por medio de paquetes icmp6 de tipo 130 o 131. Recomendamos actualizar el commit 2d3916f3189172d5c69d33065c3c21119fe539fc • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc https://security.netapp.com/advisory/ntap-20220425-0001 https://www.openwall.com/lists/oss-security/2022/03/15/3 • CWE-275: Permission Issues CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 1CVE-2022-1011 – kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
https://notcve.org/view.php?id=CVE-2022-1011
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una escalada de privilegios Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. • https://github.com/xkaneiki/CVE-2022-1011 https://bugzilla.redhat.com/show_bug.cgi?id=2064855 https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-1011 • CWE-416: Use After Free •