CVE-2022-27776 – curl: auth/cookie leak on redirect
https://notcve.org/view.php?id=CVE-2022-27776
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. Una vulnerabilidad de credenciales insuficientemente protegidas fijada en curl versión 7.83.0, podría filtrar datos de autenticación o de encabezados de cookies en redireccionamientos HTTP al mismo host pero con otro número de puerto A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom `Authorization:` or `Cookie:`headers. Those headers often contain privacy-sensitive information or data. • https://hackerone.com/reports/1547048 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220609-0008 https://www.debian.org/security/2022/dsa-5197 https://access.redh • CWE-522: Insufficiently Protected Credentials •
CVE-2022-1678
https://notcve.org/view.php?id=CVE-2022-1678
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. Se ha detectado un problema en el Kernel de Linux de la 4.18 a 4.19, una actualización inapropiada de la referencia sock en el paso TCP puede conllevar a una pérdida de memoria/netns, que puede ser usada por clientes remotos • https://anas.openanolis.cn/cves/detail/CVE-2022-1678 https://anas.openanolis.cn/errata/detail/ANSA-2022:0143 https://bugzilla.openanolis.cn/show_bug.cgi?id=61 https://gitee.com/anolis/cloud-kernel/commit/bed537da691b https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com https://security.netapp.com/advisory/ntap-20220715-0001 • CWE-911: Improper Update of Reference Count •
CVE-2022-1587 – pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1587
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función get_recurse_data_length() del archivo pcre2_jit_compile.c. Este problema afecta a las recursiones en expresiones regulares compiladas en JIT causadas por transferencias de datos duplicadas • https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0 https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •
CVE-2022-1586 – pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1586
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función compile_xclass_matchingpath() del archivo pcre2_jit_compile.c. Esto implica un problema de coincidencia de propiedades unicode en expresiones regulares compiladas en JIT. • https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ https: • CWE-125: Out-of-bounds Read •
CVE-2022-30594 – kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
https://notcve.org/view.php?id=CVE-2022-30594
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. El kernel de Linux versiones anteriores a 5.17.2, maneja inapropiadamente los permisos de seccomp. La ruta de código PTRACE_SEIZE permite a atacantes omitir las restricciones previstas al establecer el flag PT_SUSPEND_SECCOMP A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/170362/Linux-PT_SUSPEND_SECCOMP-Permission-Bypass-Ptracer-Death-Race.html https://bugs.chromium.org/p/project-zero/issues/detail?id=2276 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3 https://github.com/torvalds/linux/commit/ee1fee900537b5d9560e9f937402de • CWE-276: Incorrect Default Permissions CWE-862: Missing Authorization •