CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 1CVE-2020-10942 – kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
https://notcve.org/view.php?id=CVE-2020-10942
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. En el kernel de Linux versiones anteriores a 5.5.8, la función get_raw_socket en el archivo drivers/vhost/net.c carece de una comprobación de un campo sk_family, que podría permitir a atacantes desencadenar una corrupción de pila del kernel por medio de llamadas de sistema diseñadas. A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ictol(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the '/dev/vhost-net' device may use this flaw to crash the kernel resulting in DoS issue. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html http://www.openwall.com/lists/oss-security/2020/04/15/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8 https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lkml.org/lkm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-1951
https://notcve.org/view.php?id=CVE-2020-1951
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. Un archivo PSD cuidadosamente diseñado o corrupto puede causar un bucle infinito en PSDParser de Apache Tika en versiones 1.0-1.23. • https://lists.apache.org/thread.html/rd8c1b42bd0e31870d804890b3f00b13d837c528f7ebaf77031323172%40%3Cdev.tika.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html https://usn.ubuntu.com/4564-1 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-1950 – tika: excessive memory usage in PSDParser
https://notcve.org/view.php?id=CVE-2020-1950
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. Un archivo PSD cuidadosamente diseñado o corrupto puede causar un uso de memoria excesivo en el PSDParser de Apache Tika en versiones 1.0-1.23. A flaw was found in Apache Tika’s PSDParser, where a carefully crafted or corrupt PSD file can cause excessive memory usage. The highest threat from this vulnerability is to system availability. • https://lists.apache.org/thread.html/r463b1a67817ae55fe022536edd6db34e8f9636971188430cbcf8a8dd%40%3Cdev.tika.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/03/msg00035.html https://usn.ubuntu.com/4564-1 https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://access.redhat.com/security/cve/CVE-2020-1950 https://bugzilla.redhat.com/show_bug.cgi?id=1822759 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2019-18860 – squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour
https://notcve.org/view.php?id=CVE-2019-18860
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. Squid versiones anteriores a 4.9, cuando determinados navegadores web son usados, maneja inapropiadamente HTML en el parámetro host (también se conoce como hostname) en el archivo cachemgr.cgi. A flaw was found in squid. Squid, when certain web browsers are used, mishandles HTML in the host parameter to cachemgr.cgi which could result in squid behaving in unsecure way. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html https://github.com/squid-cache/squid/pull/504 https://github.com/squid-cache/squid/pull/505 https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://usn.ubuntu.com/4356-1 https://www.debian.org/security/2020/dsa-4732 https://access.redhat.com/security/cve/CVE-2019-18860 https://bugzilla.redhat.com/show_bug.cgi?id=1817121 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 63EXPL: 0CVE-2020-8832 – Ubuntu 18.04 Linux kernel i915 incomplete fix for CVE-2019-14615
https://notcve.org/view.php?id=CVE-2020-8832
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. Se detectó que la solución para el kernel de Linux en Ubuntu versión 18.04 LTS para CVE-2019-14615 ("El kernel de Linux no borró apropiadamente las estructuras de datos en los conmutadores de contexto para determinados procesadores gráficos de Intel") estaba incompleta, lo que significa que en las versiones de kernel anteriores a 4.15.0-91.92, un atacante podría usar esta vulnerabilidad para exponer información confidencial. • https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 https://security.netapp.com/advisory/ntap-20200430-0004 https://usn.ubuntu.com/usn/usn-4302-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •