CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 1

17 May 2023 — A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafte... • https://access.redhat.com/security/cve/CVE-2023-2731 • CWE-476: NULL Pointer Dereference •

CVSS: 3.7 • EPSS: 0% • CPEs: 4 • EXPL: 0

17 May 2023 — A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

17 May 2023 — A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Li... • https://access.redhat.com/security/cve/CVE-2023-32256 • CWE-421: Race Condition During Access to Alternate Channel •

CVSS: 5.9 • EPSS: 0% • CPEs: 2 • EXPL: 0

17 May 2023 — A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system. • https://lore.kernel.org/lkml/CAH2r5msyEy20e=FBx6wPWWc3kXzNR4b+zHshSqidRdFKVf_7Jg@mail.gmail.com • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.9 • EPSS: 0% • CPEs: 3 • EXPL: 0

17 May 2023 — A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-32253 • CWE-413: Improper Resource Locking •

CVSS: 5.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

17 May 2023 — A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion. This vulnerability allows remote attackers to crea... • https://access.redhat.com/security/cve/CVE-2023-32255 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.8 • EPSS: 2% • CPEs: 9 • EXPL: 0

16 May 2023 — A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package ... • https://access.redhat.com/errata/RHSA-2023:3107 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8 • EPSS: 0% • CPEs: 6 • EXPL: 1

15 May 2023 — A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. • https://bugzilla.redhat.com/show_bug.cgi?id=2188240 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write •

CVSS: 6.3 • EPSS: 0% • CPEs: 4 • EXPL: 0

15 May 2023 — A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. • https://access.redhat.com/security/cve/CVE-2023-2700 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 8.3 • EPSS: 0% • CPEs: 9 • EXPL: 0

12 May 2023 — schema_element defeats protective search_path changes. It was found that certain database calls in PostgreSQL could permit an authenticated attacker with elevated database-level privileges to execute arbitrary code. A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code. Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute ar... • https://access.redhat.com/security/cve/CVE-2023-2454 • CWE-20: Improper Input Validation •