CVSS: 8.6EPSS: 0%CPEs: 14EXPL: 2CVE-2022-2132 – dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
https://notcve.org/view.php?id=CVE-2022-2132
28 Aug 2022 — A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. Se ha encontrado un fallo en la lista de entradas permitidas en DPDK. Este problema permite a un atacante remoto causar una denegación de servicio al enviar un encabezado Vhost diseñado a DPDK The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, o... • https://bugs.dpdk.org/show_bug.cgi?id=1031 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-791: Incomplete Filtering of Special Elements •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 2CVE-2021-3864
https://notcve.org/view.php?id=CVE-2021-3864
26 Aug 2022 — A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID bina... • https://github.com/walac/cve-2021-3864 • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34301 – shim: 3rd party shim allow secure boot bypass
https://notcve.org/view.php?id=CVE-2022-34301
26 Aug 2022 — A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Se ha encontrado un fallo en los cargadores de arranque de CryptoPro Secure Disk versiones anterior... • https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot • CWE-494: Download of Code Without Integrity Check •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34302 – shim: 3rd party shim allow secure boot bypass
https://notcve.org/view.php?id=CVE-2022-34302
26 Aug 2022 — A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Se ha encontrado un fallo en los cargadores de arranque de New Horizon Datasys versiones anteriores a... • https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot • CWE-494: Download of Code Without Integrity Check •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34303 – shim: 3rd party shim allow secure boot bypass
https://notcve.org/view.php?id=CVE-2022-34303
26 Aug 2022 — A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Se ha encontrado un fallo en los cargadores de arranque de Eurosoft versiones anteriores a 01-06-2022. • https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 1CVE-2021-35937 – rpm: TOCTOU race in checks for unsafe symlinks
https://notcve.org/view.php?id=CVE-2021-35937
25 Aug 2022 — A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró una vulnerabilidad de condición de carrera en rpm. Un usuario local no privilegiado podría usar este fallo para omitir las comprobaciones introducidas en respuest... • https://access.redhat.com/security/cve/CVE-2021-35937 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 1CVE-2021-35938 – rpm: races with chown/chmod/capabilities calls during installation
https://notcve.org/view.php?id=CVE-2021-35938
25 Aug 2022 — A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un problema de enlaces simbólicos en rpm. • https://access.redhat.com/security/cve/CVE-2021-35938 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 2CVE-2021-4217 – Ubuntu Security Notice USN-7054-1
https://notcve.org/view.php?id=CVE-2021-4217
24 Aug 2022 — A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en unzip. La vulnerabilidad es producida debido a un manejo inapropiado de las cadenas Unicode, que puede conllevar a una desreferencia de puntero null. • https://access.redhat.com/security/cve/CVE-2021-4217 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3714
https://notcve.org/view.php?id=CVE-2021-3714
23 Aug 2022 — A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged. Se ha encontrado un fallo en el mecanismo de de duplicación de memoria del kernel de Linux. Trabajos anteriores han demostrado que la de duplicación de memoria pu... • https://access.redhat.com/security/cve/CVE-2021-3714 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 24EXPL: 0CVE-2022-2873 – kernel: an out-of-bounds vulnerability in i2c-ismt driver
https://notcve.org/view.php?id=CVE-2022-2873
22 Aug 2022 — An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. Se ha encontrado un fallo de acceso a memoria fuera de límites en el controlador de host iSMT SMBus del kernel de Linux, en la forma en que un usuario desencadena I2C_SMBUS_BLOCK_DATA (con el ioctl I2C_SMBUS) con datos de entrada maliciosos. Este ... • https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html • CWE-131: Incorrect Calculation of Buffer Size •