CVE-2021-3772 – kernel: sctp: Invalid chunks may be used to remotely remove existing associations
https://notcve.org/view.php?id=CVE-2021-3772
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. Se ha encontrado un fallo en la pila SCTP de Linux. Un atacante ciego puede ser capaz de matar una asociación SCTP existente mediante trozos no válidos si el atacante conoce las direcciones IP y los números de puerto que están siendo usados y el atacante puede enviar paquetes con direcciones IP falsas • https://bugzilla.redhat.com/show_bug.cgi?id=2000694 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://security.netapp.com/advisory/ntap-20221007-0001 https://ubuntu.com/security/CVE-2021-3772 https://www.debian.org/security/2022/dsa-5096 https://www.oracle.com/security-alerts/cp • CWE-354: Improper Validation of Integrity Check Value •
CVE-2021-43527 – nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)
https://notcve.org/view.php?id=CVE-2021-43527
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1737470 https://cert-portal.siemens.com/productcert/pdf/ssa-594438.pdf https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_68_1_RTM https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_73_RTM https://security.gentoo.org/glsa/202212-05 https://security.netapp.com/advisory/ntap-20211229-0002 https://www.mozilla.org/security/advisories/mfsa2021-51 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.starwindsoftw • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2021-43976 – kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device
https://notcve.org/view.php?id=CVE-2021-43976
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). En el kernel de Linux versiones hasta 5.15.2, la función mwifiex_usb_recv en el archivo drivers/net/wireless/marvell/mwifiex/usb.c permite a un atacante (que puede conectar un dispositivo USB diseñado) causar una denegación de servicio (skb_over_panic) A denial of service flaw was found in mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c in the usb subsystem of the Linux kernel. This is due to a missing clean-up for a malfunctioning usb device with an unknown recv_type. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD https://patchwork.kernel.org/projec • CWE-459: Incomplete Cleanup •
CVE-2021-3744 – kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
https://notcve.org/view.php?id=CVE-2021-3744
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. Se ha encontrado un fallo de pérdida de memoria en el kernel de Linux en la función ccp_run_aes_gcm_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c, que permite a atacantes causar una denegación de servicio (consumo de memoria). Esta vulnerabilidad es similar a la anterior CVE-2019-18808 A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. • http://www.openwall.com/lists/oss-security/2021/09/14/1 https://bugzilla.redhat.com/show_bug.cgi?id=2000627 https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0 https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM https: • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-43389 – kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
https://notcve.org/view.php?id=CVE-2021-43389
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.14.15. Se presenta un fallo de índice de matriz fuera de límites en la función detach_capi_ctr en el archivo drivers/isdn/capi/kcapi.c An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network (ISDN) functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of service. • http://www.openwall.com/lists/oss-security/2021/11/05/1 https://bugzilla.redhat.com/show_bug.cgi?id=2013180 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48 • CWE-125: Out-of-bounds Read •