CVE-2022-3602 – X.509 Email Address 4-byte Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution.
• https://github.com/colmmacc/CVE-2022-3602
• https://github.com/eatscrayon/CVE-2022-3602-poc
• https://github.com/corelight/CVE-2022-3602
• https://github.com/cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786
• http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
• http://www.openwall.com/lists/oss-security/2022/11/01/15
• http://www.openwall.com/lists/oss-security/2022/11/01/16
• http://www.openwall.com/lists/oss-security/2022/11/01/17
• http://www
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write

CVE-2020-14394
https://notcve.org/view.php?id=CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
• https://bugzilla.redhat.com/show_bug.cgi?id=1908004
• https://gitlab.com/qemu-project/qemu/-/issues/646
• https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVE-2021-42778
https://notcve.org/view.php?id=CVE-2021-42778
A heap double free issue was found in OpenSC before version 0.22.0 in sc_pkcs15_free_tokeninfo.
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
• https://bugzilla.redhat.com/show_bug.cgi?id=2016083
• https://github.com/OpenSC/OpenSC/commit/f015746d
• https://security.gentoo.org/glsa/202209-03
• CWE-415: Double Free
• CWE-672: Operation on a Resource after Expiration or Release

CVE-2021-42779
https://notcve.org/view.php?id=CVE-2021-42779
A heap use after free issue was found in OpenSC before version 0.22.0 in sc_file_valid.
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
• https://bugzilla.redhat.com/show_bug.cgi?id=2016086
• https://github.com/OpenSC/OpenSC/commit/1db88374
• https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html
• https://security.gentoo.org/glsa/202209-03
• CWE-416: Use After Free

CVE-2021-42780
https://notcve.org/view.php?id=CVE-2021-42780
A use after return issue was found in OpenSC before version 0.22.0 in the insert_pin function that could potentially crash programs using the library.
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
• https://bugzilla.redhat.com/show_bug.cgi?id=2016139
• https://github.com/OpenSC/OpenSC/commit/5df913b7
• https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html
• https://security.gentoo.org/glsa/202209-03
• CWE-252: Unchecked Return Value