CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2021-3501 – kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run
https://notcve.org/view.php?id=CVE-2021-3501
05 May 2021 — A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.12. El valor de internal.ndata, en la API de KVM, es asignado a un índice de matriz, que puede ser actualizado por un... • https://bugzilla.redhat.com/show_bug.cgi?id=1950136 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2020-27827 – lldp/openvswitch: denial of service via externally triggered memory leak
https://notcve.org/view.php?id=CVE-2020-27827
28 Jan 2021 — A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en múltiples versiones de OpenvSwitch. Los paquetes LLDP especialmente diseñados pueden causar que una memoria se pierda cuando se asignan datos para manejar TLV opcionales específicos, potencialmente causan... • https://bugzilla.redhat.com/show_bug.cgi?id=1921438 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-25657 – m2crypto: bleichenbacher timing attacks in the RSA decryption API
https://notcve.org/view.php?id=CVE-2020-25657
12 Jan 2021 — A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo en todas las versiones publicadas de m2crypto, donde son vulnerables a ataques de sincronización de Bleichenbacher en la API de descifrado RSA por medio del procesamiento cronometrado de texto cifrado PKCS#1 versión v1.5 válido... • https://bugzilla.redhat.com/show_bug.cgi?id=1889823 • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •
CVSS: 5.9EPSS: 0%CPEs: 20EXPL: 0CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
12 May 2020 — A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NU... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-476: NULL Pointer Dereference •
CVSS: 3.7EPSS: 0%CPEs: 7EXPL: 1CVE-2019-14850 – nbdkit: denial of service due to premature opening of back-end connection
https://notcve.org/view.php?id=CVE-2019-14850
01 Apr 2020 — A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side. Se detectó una vulnerabilidad de denegación de servicio en nbdkit versiones 1.12.7, 1.14.1 y 1.15.1. ... • https://bugzilla.redhat.com/show_bug.cgi?id=1757258 • CWE-406: Insufficient Control of Network Message Volume (Network Amplification) •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2012-0877
https://notcve.org/view.php?id=CVE-2012-0877
22 Nov 2019 — PyXML: Hash table collisions CPU usage Denial of Service PyXML: la CPU de colisiones de tablas hash usa una Denegación de Servicio • http://seclists.org/oss-sec/2014/q3/96 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2019-14818 – dpdk: possible memory leak leads to denial of service
https://notcve.org/view.php?id=CVE-2019-14818
13 Nov 2019 — A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition. Se encontró un fallo en todas las versiones de dpdk 17.xx anteriores a 17.11.8, versiones 16.xx anteriores a 16.11.10, versiones 18.xx anteriore... • https://access.redhat.com/errata/RHSA-2020:0165 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 324EXPL: 0CVE-2019-11135 – hw: TSX Transaction Asynchronous Abort (TAA)
https://notcve.org/view.php?id=CVE-2019-11135
12 Nov 2019 — TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Una condición de tipo TSX Asynchronous Abort en algunas CPU que utilizan ejecución especulativa puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un canal lateral con acceso local. A flaw was found in the way Intel CPUs handle speculative execution of ins... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html • CWE-203: Observable Discrepancy •
CVSS: 9.0EPSS: 84%CPEs: 47EXPL: 30CVE-2019-14287 – sudo 1.8.27 - Security Bypass
https://notcve.org/view.php?id=CVE-2019-14287
15 Oct 2019 — In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. En Sudo anteriores a 1.8.28, un atacante con acceso a una cuenta Runas ALL sudoer puede omitir ciertas listas negras de políticas y módulos PAM de sesión, y puede causar un registro... • https://www.exploit-db.com/exploits/47502 • CWE-267: Privilege Defined With Unsafe Actions CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.0EPSS: 0%CPEs: 88EXPL: 3CVE-2019-14816 – kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
https://notcve.org/view.php?id=CVE-2019-14816
20 Sep 2019 — There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento del búfer en la región heap de la memoria en el kernel, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistem... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •