CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2019-19922 – kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications
https://notcve.org/view.php?id=CVE-2019-19922
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.) El archivo kernel/sched/fair.c en el kernel de Linux versiones anteriores a 5.3.9, cuando la función cpu.cfs_quota_us es usada (por ejemplo, con Kubernetes), permite a atacantes causar una denegación de servicio contra aplicaciones no vinculadas a la CPU al generar una carga de trabajo que desencadena vencimiento de corte no deseado, también se conoce como CID-de53fd7aedb1. (En otras palabras, aunque esta caducidad de corte se vería típicamente con cargas de trabajo benignas, es posible que un atacante pueda calcular cuántas peticiones extraviadas se requieren para forzar a un clúster Kubernetes completo a un estado de bajo rendimiento causado por la caducidad de corte, y garantizar que un ataque DDoS envió esa cantidad de peticiones perdidas. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de53fd7aedb100f03e5d2231cfce0e4993282425 https://github.com/kubernetes/kubernetes/issues/67577 https://github.com/torvalds/linux/commit/de53fd7aedb100f03e5d2231cfce0e4993282425 https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://relistan.com/the-kernel-may-be-slowing-down-your-app https://security.netapp.com/advisory/ntap-20200204-0002 https:/& • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-19920
https://notcve.org/view.php?id=CVE-2019-19920
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval (rather than direct parsing and/or use of the taint feature). This issue is similar to CVE-2018-11805. sa-exim versión 4.2.1, permite a atacantes ejecutar código arbitrario si pueden escribir un archivo .cf o una regla. Esto se presenta porque el archivo Greylisting.pm se basa en eval (en lugar de análisis directo y/o uso de la funcionalidad taint). Este problema es similar a CVE-2018-11805. • https://bugs.debian.org/946829#24 https://lists.debian.org/debian-lts-announce/2020/01/msg00006.html https://marc.info/?l=spamassassin-users&m=157668107325768&w=2 https://marc.info/?l=spamassassin-users&m=157668305026635&w=2 https://usn.ubuntu.com/4520-1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 80%CPEs: 28EXPL: 2CVE-2019-17571 – log4j: deserialization of untrusted data in SocketServer
https://notcve.org/view.php?id=CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Incluido en Log4j versión 1.2 existe una clase SocketServer que es vulnerable a la deserialización de datos no confiables, que pueden ser explotada para ejecutar código arbitrario remotamente cuando se combina con un dispositivo de deserialización al escuchar el tráfico de red no confiable para datos de registro. Esto afecta a Log4j versiones desde 1.2 hasta 1.2.17. A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. • https://github.com/shadow-horse/CVE-2019-17571 https://github.com/Al1ex/CVE-2019-17571 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E https://lists.apache& • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2012-6111
https://notcve.org/view.php?id=CVE-2012-6111
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function gnome-keyring no descarta los secretos almacenados cuando se usa la función gnome_keyring_lock_all_sync. • http://www.openwall.com/lists/oss-security/2013/01/17/4 https://access.redhat.com/security/cve/cve-2012-6111 https://bugzilla.gnome.org/show_bug.cgi?id=690466 https://security-tracker.debian.org/tracker/CVE-2012-6111 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-5639
https://notcve.org/view.php?id=CVE-2012-5639
LibreOffice and OpenOffice automatically open embedded content LibreOffice y OpenOffice abren automáticamente el contenido insertado. • http://www.openwall.com/lists/oss-security/2012/12/14/1 http://www.openwall.com/lists/oss-security/2023/12/28/6 http://www.openwall.com/lists/oss-security/2024/01/03/6 http://www.openwall.com/lists/oss-security/2024/01/03/7 https://access.redhat.com/security/cve/cve-2012-5639 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639 https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E https://sec • CWE-668: Exposure of Resource to Wrong Sphere •