CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0CVE-2023-2156 – Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-2156
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the RPL protocol. • http://www.openwall.com/lists/oss-security/2023/05/17/8 http://www.openwall.com/lists/oss-security/2023/05/17/9 http://www.openwall.com/lists/oss-security/2023/05/18/1 http://www.openwall.com/lists/oss-security/2023/05/19/1 https://bugzilla.redhat.com/show_bug.cgi?id=2196292 https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html https://security.netapp.com/advisory/ntap-20230622-0001 https://www.debian.org/security/2023/dsa-5448 https:// • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40302 – frr: denial of service by crafting a BGP OPEN message with an option of type 0xff
https://notcve.org/view.php?id=CVE-2022-40302
An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. Se descubrió un problema en bgpd en FRRouting (FRR) a través de 8.4. Al crear un mensaje BGP OPEN con una opción de tipo 0xff (longitud extendida de RFC 9072), los atacantes pueden provocar una denegación de servicio (error de aserción y reinicio del servicio, o lectura fuera de los límites). • https://github.com/FRRouting/frr/releases https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html https://www.debian.org/security/2023/dsa-5495 https://access.redhat.com/security/cve/CVE-2022-40302 https://bugzilla.redhat.com/show_bug.cgi?id=2196090 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40318 – frr: denial of service by crafting a BGP OPEN message with an option of type in bgp_open_option_parse in the bgp_open.c 0xff
https://notcve.org/view.php?id=CVE-2022-40318
An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. Se descubrió un problema en bgpd en FRRouting (FRR) hasta 8.4. • https://github.com/FRRouting/frr/releases https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html https://www.debian.org/security/2023/dsa-5495 https://access.redhat.com/security/cve/CVE-2022-40318 https://bugzilla.redhat.com/show_bug.cgi?id=2196091 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43681 – frr: out-of-bounds read exists in the BGP daemon of FRRouting
https://notcve.org/view.php?id=CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition. Existe una lectura fuera de los límites en el daemon BGP de FRRouting FRR hasta 8.4. Al enviar un mensaje BGP OPEN con formato incorrecto que termina con el octeto de longitud de la opción (o la palabra de longitud de la opción, en el caso de un mensaje OPEN extendido), el código FRR se lee fuera de los límites del paquete, lanzando una señal SIGABRT y saliendo. • https://forescout.com https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html https://www.debian.org/security/2023/dsa-5495 https://access.redhat.com/security/cve/CVE-2022-43681 https://bugzilla.redhat.com/show_bug.cgi?id=2196088 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2468
https://notcve.org/view.php?id=CVE-2023-2468
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html https://crbug.com/1416380 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3V6GPGMY6ZWVWPECMQGGOKQVATXJ5BA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4JI552XDFD6DYFU6WNCRBCAXWOFOOSF https://security.gentoo.org/glsa/202309-17 https://www.deb •