CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 https://github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/cve/CVE-2022-36879 https://bugzilla.r • CWE-911: Improper Update of Reference Count •
CVE-2022-36946 – kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
https://notcve.org/view.php?id=CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. La función nfqnl_mangle en el archivo net/netfilter/nfnetlink_queue.c en el kernel de Linux versiones hasta 5.18.14, permite a atacantes remotos causar una denegación de servicio (pánico) porque, en el caso de un veredicto nf_queue con un atributo nfta_payload de un byte, un skb_pull puede encontrar un skb-)len negativo A memory corruption flaw was found in the Linux kernel’s Netfilter subsystem in the way a local user uses the libnetfilter_queue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilter_queue is used by a local user. • https://github.com/Pwnzer0tt1/CVE-2022-36946 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164 https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://marc.info/?l=netfilter-devel&m=165883202007292&w=2 https://security.netapp.com/advisory/ntap-20220901-0007 https://www.debian.org/security/2022/dsa-5207 https://access.redhat.com/security/ •
CVE-2022-1973
https://notcve.org/view.php?id=CVE-2022-1973
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem. Se encontró un defecto de uso de memoria previamente liberada en el kernel de Linux en la función log_replay en el archivo fs/ntfs3/fslog.c en el diario NTFS. Este fallo permite a un atacante local bloquear el sistema y conlleva a un problema de filtrado de información del kernel • https://bugzilla.redhat.com/show_bug.cgi?id=2092542 https://security.netapp.com/advisory/ntap-20230120-0001 • CWE-416: Use After Free •
CVE-2021-33655 – kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory
https://notcve.org/view.php?id=CVE-2021-33655
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. Cuando son enviados datos maliciosos al kernel mediante ioctl cmd FBIOPUT_VSCREENINFO, el kernel escribirá memoria fuera de límites An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system. • http://www.openwall.com/lists/oss-security/2022/07/19/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=086ff84617185393a0bbf25830c4f36412a7d3f4 https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html https://www.debian.org/security/2022/dsa-5191 https://access.redhat.com/security/cve/CVE-2021-33655 https://bugzilla.redhat.com/show_bug.cgi?id=2108691 • CWE-787: Out-of-bounds Write •
CVE-2022-2380
https://notcve.org/view.php?id=CVE-2022-2380
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. En el kernel de Linux se encontró un acceso a memoria vulnerable fuera de límites en la función drivers/video/fbdev/sm712fb.c:smtcfb_read(). La vulnerabilidad podría resultar en que atacantes locales pudieran bloquear el kernel • https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?h=for-next&id=bd771cf5c4254511cc4abb88f3dab3bd58bdf8e8 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •