CVE-2020-35680
https://notcve.org/view.php?id=CVE-2020-35680
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer. El archivo smtpd/lka_filter.c en OpenSMTPD versiones anteriores a 6.8.0p1, en determinadas configuraciones, permite a atacantes remotos causar una denegación de servicio (desreferencia del puntero NULL y fallo del demonio) por medio de un patrón diseñado de actividad del cliente, porque la máquina de estado del filtro no mantiene apropiadamente el canal de I/O entre el motor SMTP y la capa de filtros • https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LKTFBQCHGMVPR4IZWHQIYAPM5J3LN3J https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYAYXRV2DM5K4RU7RHCDZSA2UF6VCTRC https://poolp.org/posts/2020-12-24/december-2020-opensmtpd-6.8.0p1-released-fixed-several-bugs-proposed-several-diffs-book-is-on-github https://security.gentoo.org/glsa/202105-12 https://www.mail-archive.com • CWE-476: NULL Pointer Dereference •
CVE-2020-27846 – crewjam/saml: authentication bypass in saml authentication
https://notcve.org/view.php?id=CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se presenta una vulnerabilidad de verificación de firmas en crewjam/saml. Este fallo permite a un atacante omitir la autenticación SAML. • https://bugzilla.redhat.com/show_bug.cgi?id=1907670 https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9 https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM https://mattermos • CWE-115: Misinterpretation of Input •
CVE-2020-35381
https://notcve.org/view.php?id=CVE-2020-35381
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call. jsonparser versión 1.0.0, permite a atacantes causar una denegación de servicio (pánico: error de tiempo de ejecución: límites de corte fuera de rango) por medio de una llamada GET • https://github.com/buger/jsonparser/issues/219 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27EA7OGCELV7QFAGVIHODHWKMKGFVIUZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LJO5N7YTDEUSTKYTNA372CE6VHCZJWUG •
CVE-2020-29486
https://notcve.org/view.php?id=CVE-2020-29486
An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded number of nodes owned by dom0, thus running xenstored out of memory A malicious guest administrator can cause a denial of service against a specific guest or against the whole host. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI https://security.gentoo.org/glsa/202107-30 https://www.debian.org/security/2020/dsa-4812 https://xenbits.xenproject.org/xsa/advisory-352.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2020-29481
https://notcve.org/view.php?id=CVE-2020-29481
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. Because all Xenstore entries of a guest below /local/domain/<domid> are being deleted by Xen tools when a guest is destroyed, only Xenstore entries of other guests still running are affected. • http://www.openwall.com/lists/oss-security/2020/12/16/3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2C6M6S3CIMEBACH6O7V4H2VDANMO6TVA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBLV6L6Q24PPQ2CRFXDX4Q76KU776GKI https://www.debian.org/security/2020/dsa-4812 https://xenbits.xenproject.org/xsa/advisory-322.html • CWE-269: Improper Privilege Management •