Page 7 of 63 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. Una vulnerabilidad de actualización inapropiada del recuento de referencias en net/sched del Kernel de Linux permite a un atacante local causar una escalada de privilegios a root. Este problema afecta a: Las versiones del Kernel de Linux anteriores a 5.18; la versión 4.14 y posteriores A use-after-free flaw was found in u32_change in net/sched/cls_u32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html http://www.openwall.com/lists/oss-security/2022/05/18/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3db09e762dc79584a69c10d74a6b98f89a9979f8 https://kernel.dance/#3db09e762dc79584a69c10d74a6b98f89a9979f8 https://security.netapp.com/advisory/ntap-20220629-0005 https://www.debian.org/security • CWE-416: Use After Free CWE-911: Improper Update of Reference Count •

CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. Se ha encontrado un fallo de uso de memoria previamente liberada en libvirt. • https://access.redhat.com/security/cve/CVE-2021-3975 https://bugzilla.redhat.com/show_bug.cgi?id=2024326 https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7 https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html https://security.netapp.com/advisory/ntap-20221201-0002 https://ubuntu.com/security/CVE-2021-3975 • CWE-416: Use After Free •

CVSS: 8.6EPSS: 0%CPEs: 27EXPL: 2

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 se presenta un uso de memoria previamente liberada en el Kernel de Linux en la función tc_new_tfilter que podría permitir a un atacante local alcanzar una escalada de privilegios. La explotación requiere espacios de nombres de usuarios no privilegiados. Recomendamos actualizar el commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 A use-after-free vulnerability was found in the tc_new_tfilter function in net/sched/cls_api.c in the Linux kernel. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 https://security.netapp.com/advisory/ntap-20220506-0007 https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc https://access.redhat.com/security/cve/CVE-2022-1055 https://bugzilla.redhat.com/show_bug.cgi?id=2070220 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 9%CPEs: 50EXPL: 5

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. Se ha encontrado una vulnerabilidad en la función cgroup_release_agent_write en el archivo kernel/cgroup/cgroup-v1.c del kernel de Linux. Este fallo, bajo determinadas circunstancias, permite el uso de la función cgroups v1 release_agent para escalar privilegios y saltarse el aislamiento del espacio de nombres de forma no esperada • https://github.com/chenaotian/CVE-2022-0492 https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker https://github.com/yoeelingBin/CVE-2022-0492-Container-Escape https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC https://github.com/bb33bb/CVE-2022-0492 http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/17 • CWE-287: Improper Authentication CWE-862: Missing Authorization •

CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 1

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned Se presenta un fallo en polkit que puede permitir a un usuario no privilegiado causar un bloqueo de polkit, debido al agotamiento del descriptor de archivos del proceso. La mayor amenaza de esta vulnerabilidad es la disponibilidad. NOTA: La duración de la interrupción del proceso de polkit está ligada al proceso que falla y a la creación de uno nuevo There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. • http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html https://access.redhat.com/security/cve/cve-2021-4115 https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat • CWE-400: Uncontrolled Resource Consumption CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') •