CVE-2021-3773 – kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients
https://notcve.org/view.php?id=CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Un fallo en netfilter podría permitir a un atacante conectado a la red inferir información del endpoint de la conexión openvpn para su posterior uso en ataques de red tradicionales • https://github.com/d0rb/CVE-2021-3773 https://bugzilla.redhat.com/show_bug.cgi?id=2004949 https://www.oracle.com/security-alerts/cpujul2022.html https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024 https://access.redhat.com/security/cve/CVE-2021-3773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-0617 – kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback
https://notcve.org/view.php?id=CVE-2022-0617
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. Se encontró un fallo de desreferencia de puntero null en la funcionalidad UDF file system del kernel de Linux en la forma en que el usuario desencadena la función udf_file_write_iter para la imagen UDF maliciosa. Un usuario local podría usar este fallo para bloquear el sistema. • http://www.openwall.com/lists/oss-security/2022/04/13/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr%40quack3.lan/T h • CWE-476: NULL Pointer Dereference •
CVE-2022-25258
https://notcve.org/view.php?id=CVE-2022-25258
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. Se ha descubierto un problema en drivers/usb/gadget/composite.c en el kernel de Linux anterior a la versión 5.16.10. El subsistema USB Gadget carece de cierta validación de las solicitudes de descriptor del SO de la interfaz (las que tienen un índice de matriz grande y las asociadas a la recuperación de punteros de función NULL). • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 https://github.com/szymonh/d-os-descriptor https://github.com/torvalds/linux/commit/75e5b4849b81e19e9efe1654b30d7f3151c33c2c https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCW2KZYJ2H6BKZE3CVLHRIXYDGNYYC5P https://security.netapp.com/advisory/ntap-20221028-0007 https:/ • CWE-476: NULL Pointer Dereference •
CVE-2021-44879
https://notcve.org/view.php?id=CVE-2021-44879
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. En la función gc_data_segment en el archivo fs/f2fs/gc.c en el kernel de Linux versiones anteriores a 5.16.3, no son considerados los archivos especiales, conllevando a una desreferencia de puntero NULL de move_data_page • https://bugzilla.kernel.org/show_bug.cgi?id=215231 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9056d6489f5a41cfbb67f719d2c0ce61ead72d9f https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html https://lore.kernel.org/linux-f2fs-devel/20211206144421.3735-3-chao%40kernel.org/T • CWE-476: NULL Pointer Dereference •
CVE-2021-45402
https://notcve.org/view.php?id=CVE-2021-45402
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak." La función check_alu_op() en el archivo kernel/bpf/verifier.c en el kernel de Linux versiones hasta v5.16-rc5, no actualizaba correctamente los límites mientras manejaba la instrucción mov32, que permite a usuarios locales obtener información de direcciones potencialmente confidencial, también se conoce como "pointer leak." • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=3cf2b61eb06765e27fec6799292d9fb46d0b7e60 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=b1a7288dedc6caf9023f2676b4f5ed34cf0d4029 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=e572ff80f05c33cd0cb4860f864f5c9c044280b6 • CWE-668: Exposure of Resource to Wrong Sphere •