CVE-2022-40284 – NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image
https://notcve.org/view.php?id=CVE-2022-40284
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
• http://www.openwall.com/lists/oss-security/2022/10/31/2
• https://github.com/tuxera/ntfs-3g/releases
• https://lists.debian.org/debian-lts-announce/2022/11/msg00029.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BOQ7YLFT43KLXEN3EB6CS4DP635RJWP
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IA2D4PYOR7ABI7BWBMMMYKY2OPHTV2NI
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGDKGXA4R2ZVUQ3CT4D4Y
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-39379 – Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
https://notcve.org/view.php?id=CVE-2022-39379
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environment variable `FLUENT_OJ_OPTION_MODE` is explicitly set to `object`. Please note: The option `FLUENT_OJ_OPTION_MODE` was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability.
• https://github.com/fluent/fluentd/commit/48e5b85dab1b6d4c273090d538fc11b3f2fd8135
• https://github.com/fluent/fluentd/security/advisories/GHSA-fppq-mj76-fpj2
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYD5QV66OLDHES6IKVYYM3Y3YID3VVCO
• CWE-502: Deserialization of Untrusted Data
CVE-2022-42309
https://notcve.org/view.php?id=CVE-2022-42309
Xenstore: Guests can crash xenstored
Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.
• http://www.openwall.com/lists/oss-security/2022/11/01/4
• http://xenbits.xen.org/xsa/advisory-414.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ
• https://security.gentoo.org/glsa/202402-07
• https://
• CWE-763: Release of Invalid Pointer or Reference
CVE-2022-42319
https://notcve.org/view.php?id=CVE-2022-42319
Xenstore: Guests can cause Xenstore to not free temporary memory
When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the request from the ring page. Thus a guest not reading the response can cause xenstored to not free the temporary memory. This can result in memory shortages causing Denial of Service (DoS) of xenstored.
• http://www.openwall.com/lists/oss-security/2022/11/01/6
• http://xenbits.xen.org/xsa/advisory-416.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTMITQBGC23MSDHUCAPCVGLMVXIBXQTQ
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZVXG7OOOXCX6VIPEMLFDPIPUTFAYWPE
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLI2NPNEH7CNJO3VZGQNOI4M4EWLNKPZ
• https://security.gentoo.org/glsa/202402-07
• https://
• CWE-401: Missing Release of Memory after Effective Lifetime
CVE-2022-3602 – X.509 Email Address 4-byte Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution.
• https://github.com/colmmacc/CVE-2022-3602
• https://github.com/eatscrayon/CVE-2022-3602-poc
• https://github.com/corelight/CVE-2022-3602
• https://github.com/cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786
• http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
• http://www.openwall.com/lists/oss-security/2022/11/01/15
• http://www.openwall.com/lists/oss-security/2022/11/01/16
• http://www.openwall.com/lists/oss-security/2022/11/01/17
• http://www
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write