CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0CVE-2022-2601 – grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
https://notcve.org/view.php?id=CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. Se encontró un desbordamiento del búfer en grub_font_construct_glyph(). Una fuente pf2 manipulada maliciosamente puede provocar un desbordamiento al calcular el valor max_glyph_size, asignando un búfer más pequeño de lo necesario para el glifo, lo que además provoca un desbordamiento del búfer y una escritura fuera de los límites basada en el heap. • https://bugzilla.redhat.com/show_bug.cgi?id=2112975#c0 https://security.gentoo.org/glsa/202311-14 https://security.netapp.com/advisory/ntap-20230203-0004 https://access.redhat.com/security/cve/CVE-2022-2601 https://bugzilla.redhat.com/show_bug.cgi?id=2112975 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-3500 – keylime: exception handling and impedance match in tornado_requests
https://notcve.org/view.php?id=CVE-2022-3500
A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore. Se encontró una vulnerabilidad en keylime. Este problema de seguridad ocurre en algunas circunstancias, debido a algunas excepciones manejadas incorrectamente, existe la posibilidad de que un agente deshonesto pueda crear errores en el verificador que detuviera los intentos de atestación para ese host dejándolo en un estado atestado pero sin verificarlo más. A vulnerability was found in keylime. • https://access.redhat.com/security/cve/CVE-2022-3500 https://github.com/keylime/keylime/pull/1128 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z https://bugzilla.redhat.com/show_bug.cgi?id=2135343 • CWE-248: Uncaught Exception •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3787 – device-mapper-multipath: Regression of CVE-2022-41974 fix in Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. • https://bugzilla.redhat.com/show_bug.cgi?id=2138959 https://access.redhat.com/security/cve/CVE-2022-3787 • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3821 – systemd: buffer overrun in format_timespan() function
https://notcve.org/view.php?id=CVE-2022-3821
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Se descubrió un problema de error de uno en uno en Systemd en la función format_timespan() de time-util.c. Un atacante podría proporcionar valores específicos de tiempo y precisión que provoquen una saturación del búfer en format_timespan(), lo que provocará una Denegación de Servicio (DoS). An off-by-one error flaw was found in systemd in the format_timespan() function of time-util.c. • https://bugzilla.redhat.com/show_bug.cgi?id=2139327 https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e https://github.com/systemd/systemd/issues/23928 https://github.com/systemd/systemd/pull/23933 https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P https://security.gentoo.org/glsa/202305-15 https://access.redhat.com/security/cve/CVE-2022- • CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-2963
https://notcve.org/view.php?id=CVE-2022-2963
A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault. Una vulnerabilidad encontrada en jasper. Esta vulnerabilidad de seguridad es producida debido a un fallo de filtrad de memoria en la función cmdopts_parse que puede causar un fallo o una falla de segmentación • https://access.redhat.com/security/cve/CVE-2022-2963 https://bugzilla.redhat.com/show_bug.cgi?id=2118587 https://github.com/jasper-software/jasper/issues/332 • CWE-401: Missing Release of Memory after Effective Lifetime •