CVE-2021-43395
https://notcve.org/view.php?id=CVE-2021-43395
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected. Se descubrió un problema en illumos antes de f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04 y SmartOS 20210923. Un usuario local sin privilegios puede provocar un punto muerto y pánico en el kernel mediante llamadas de cambio de nombre y rmdir manipuladas en sistemas de archivos tmpfs. • http://www.tribblix.org/relnotes.html https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90 https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424 https://jgardner100.wordpress.com/2022/01/20/security-heads-up • CWE-667: Improper Locking •
CVE-2020-27678
https://notcve.org/view.php?id=CVE-2020-27678
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. Se detectó un problema en illumos antes del 22-10-2020, como es usado en OmniOS versiones anteriores a r151030by, r151032ay y r151034y y SmartOS versiones anteriores a 20201022. Se presenta un desbordamiento de búfer en la función parse_user_name en la biblioteca lib/libpam/pam_framework.c • https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2020-7712 – Command Injection
https://notcve.org/view.php?id=CVE-2020-7712
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. Esto afecta al paquete json versiones anteriores a 10.0.0. Es posible inyectar comandos arbitrarios usando la función parseLookup • https://github.com/trentm/json/issues/144 https://github.com/trentm/json/pull/145 https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae%40%3Cdev • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2016-9040
https://notcve.org/view.php?id=CVE-2016-9040
An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service. Existe una denegación de servicio (DoS) explotable en el sistema de archivos Hyprlofs de Joyent SmartOS OS 20161110T013148Z. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-3737 – nodejs-sshpk: ReDoS when parsing crafted invalid public keys in lib/formats/ssh.js
https://notcve.org/view.php?id=CVE-2018-3737
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. sshpk es vulnerable a una denegación de servicio con expresiones regulares (ReDoS) cuando se parsean claves públicas manipuladas no válidas. • https://github.com/ossf-cve-benchmark/CVE-2018-3737 https://hackerone.com/reports/319593 https://access.redhat.com/security/cve/CVE-2018-3737 https://bugzilla.redhat.com/show_bug.cgi?id=1567228 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •