CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-36351 – hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-36351
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. La validación de entrada incorrecta en algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario no autenticado habilite potencialmente la denegación de servicio a través del acceso adyacente. An improper input validation flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software that may allow an unauthenticated user to enable a denial of service via adjacent access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-20: Improper Input Validation •
CVSS: 7.9EPSS: 0%CPEs: 19EXPL: 0CVE-2022-40964 – hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-40964
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado para algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local. An improper access control flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software that may allow a privileged user to enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-284: Improper Access Control •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2022-46329 – hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-46329
Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Un fallo en el mecanismo de protección de algunos software de Intel(R) PROSet/Wireless WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local. Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-693: Protection Mechanism Failure •
CVSS: 8.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-27635 – hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-27635
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado para algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local. Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 1CVE-2023-4273 – Kernel: exfat: stack overflow in exfat_get_uniname_from_ext_entry
https://notcve.org/view.php?id=CVE-2023-4273
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Se ha encontrado un fallo en el controlador exFAT del núcleo de Linux. La vulnerabilidad se encuentra en la implementación de la función de reconstrucción de nombres de archivo, que se encarga de leer entradas de nombres de archivo de un índice de directorio y fusionar partes de nombres de archivo pertenecientes a un archivo en un único nombre de archivo largo. • https://access.redhat.com/errata/RHSA-2023:6583 https://access.redhat.com/security/cve/CVE-2023-4273 https://bugzilla.redhat.com/show_bug.cgi?id=2221609 https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •