CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 2CVE-2022-1016 – kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
https://notcve.org/view.php?id=CVE-2022-1016
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. Se ha encontrado un fallo en el kernel de Linux en el archivo net/netfilter/nf_tables_core.c:nft_do_chain, que puede causar un uso de memoria previamente liberada. Este problema necesita manejar "return" con las precondiciones apropiadas, ya que puede conllevar a un problema de filtrado de información del kernel causado por un atacante local no privilegiado • http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016 https://access.redhat.com/security/cve/CVE-2022-1016 https://bugzilla.redhat.com/show_bug.cgi?id=2066614 https://seclists.org/oss-sec/2022/q1/205 • CWE-824: Access of Uninitialized Pointer CWE-909: Missing Initialization of Resource •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25308 – fribidi: Stack based buffer overflow
https://notcve.org/view.php?id=CVE-2022-25308
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. Se ha encontrado un fallo de desbordamiento del búfer en la región stack de la memoria en el paquete Fribidi. Este fallo permite a un atacante pasar un archivo especialmente diseñado a la aplicación Fribidi, lo que conlleva a una posible pérdida de memoria o una denegación de servicio. • https://access.redhat.com/security/cve/CVE-2022-25308 https://bugzilla.redhat.com/show_bug.cgi?id=2047890 https://github.com/fribidi/fribidi/issues/181 https://github.com/fribidi/fribidi/pull/184 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25310 – fribidi: SEGV in fribidi_remove_bidi_marks
https://notcve.org/view.php?id=CVE-2022-25310
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. Se ha encontrado un fallo de segmentación (SEGV) en el paquete Fribidi que afecta a la función fribidi_remove_bidi_marks() del archivo lib/fribidi.c. Este fallo permite a un atacante pasar un archivo especialmente diseñado a Fribidi, conllevando a un bloqueo y causando una denegación de servicio. • https://access.redhat.com/security/cve/CVE-2022-25310 https://bugzilla.redhat.com/show_bug.cgi?id=2047923 https://github.com/fribidi/fribidi/issues/183 https://github.com/fribidi/fribidi/pull/186 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-25309 – fribidi: Heap-buffer-overflow in fribidi_cap_rtl_to_unicode
https://notcve.org/view.php?id=CVE-2022-25309
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. Se ha encontrado un fallo de desbordamiento de búfer en la región heap de la memoria en el paquete Fribidi y afecta a la función fribidi_cap_rtl_to_unicode() del archivo fribidi-char-sets-cap-rtl.c. Este fallo permite a un atacante pasar un archivo especialmente diseñado a la aplicación Fribidi con la opción "--caprtl", conllevando a un bloqueo y causando una denegación de servicio. • https://access.redhat.com/security/cve/CVE-2022-25309 https://bugzilla.redhat.com/show_bug.cgi?id=2047896 https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3 https://github.com/fribidi/fribidi/issues/182 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2022-27649 – podman: Default inheritable capabilities for linux container should be empty
https://notcve.org/view.php?id=CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. Se ha encontrado un fallo en Podman, donde los contenedores eran iniciados incorrectamente con permisos por defecto no vacíos. Se ha encontrado una vulnerabilidad en Moby (Docker Engine), donde los contenedores eran iniciados incorrectamente con capacidades de proceso Linux heredables no vacías. • https://bugzilla.redhat.com/show_bug.cgi?id=2066568 https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0 https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org&#x • CWE-276: Incorrect Default Permissions •