CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34301 – shim: 3rd party shim allow secure boot bypass
https://notcve.org/view.php?id=CVE-2022-34301
26 Aug 2022 — A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Se ha encontrado un fallo en los cargadores de arranque de CryptoPro Secure Disk versiones anterior... • https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot • CWE-494: Download of Code Without Integrity Check •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34303 – shim: 3rd party shim allow secure boot bypass
https://notcve.org/view.php?id=CVE-2022-34303
26 Aug 2022 — A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. Se ha encontrado un fallo en los cargadores de arranque de Eurosoft versiones anteriores a 01-06-2022. • https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 1CVE-2021-35937 – rpm: TOCTOU race in checks for unsafe symlinks
https://notcve.org/view.php?id=CVE-2021-35937
25 Aug 2022 — A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró una vulnerabilidad de condición de carrera en rpm. Un usuario local no privilegiado podría usar este fallo para omitir las comprobaciones introducidas en respuest... • https://access.redhat.com/security/cve/CVE-2021-35937 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 1CVE-2021-35938 – rpm: races with chown/chmod/capabilities calls during installation
https://notcve.org/view.php?id=CVE-2021-35938
25 Aug 2022 — A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se ha encontrado un problema de enlaces simbólicos en rpm. • https://access.redhat.com/security/cve/CVE-2021-35938 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 2CVE-2021-4217 – Ubuntu Security Notice USN-7054-1
https://notcve.org/view.php?id=CVE-2021-4217
24 Aug 2022 — A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Se ha encontrado un fallo en unzip. La vulnerabilidad es producida debido a un manejo inapropiado de las cadenas Unicode, que puede conllevar a una desreferencia de puntero null. • https://access.redhat.com/security/cve/CVE-2021-4217 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3714
https://notcve.org/view.php?id=CVE-2021-3714
23 Aug 2022 — A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged. Se ha encontrado un fallo en el mecanismo de de duplicación de memoria del kernel de Linux. Trabajos anteriores han demostrado que la de duplicación de memoria pu... • https://access.redhat.com/security/cve/CVE-2021-3714 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 5CVE-2022-2639 – kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
https://notcve.org/view.php?id=CVE-2022-2639
23 Aug 2022 — An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un error de coerción de enteros en el módulo del kernel openvswitch. Dado un número suficien... • https://github.com/bb33bb/CVE-2022-2639-PipeVersion • CWE-192: Integer Coercion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2022-2938 – kernel: use-after-free when psi trigger is destroyed while being polled
https://notcve.org/view.php?id=CVE-2022-2938
23 Aug 2022 — A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects. Se ha encontrado un fallo en la implementación del kernel de Linux de la Información de Bloqueo de Presión. Aunque la función está deshabilitada por defecto, podría permitir a un atacante bloquear el sistema o tener otros efectos secundarios de corrupción de memoria. A flaw was found in the ... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848 • CWE-416: Use After Free •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2738 – podman: Security regression of CVE-2020-8945 due to source code management issue
https://notcve.org/view.php?id=CVE-2022-2738
22 Aug 2022 — The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification. La versión de podman publicada para Red Hat Enterprise Linux 7 Extras por medio del aviso RHSA... • https://access.redhat.com/security/cve/CVE-2022-2738 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2739 – podman: Security regression of CVE-2020-14370 due to source code management issue
https://notcve.org/view.php?id=CVE-2022-2739
22 Aug 2022 — The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables. La versión de podman publicada para Red Hat Enterprise Linux 7 Extras por medio del aviso RHSA-2022:2190 incluía una versión incorrecta de podman que carecía de la correcci... • https://access.redhat.com/security/cve/CVE-2022-2739 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •