CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
27 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the re... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 • CWE-911: Improper Update of Reference Count •
CVSS: 10.0EPSS: 83%CPEs: 50EXPL: 1CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where... • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 797EXPL: 0CVE-2022-21151 – Debian Security Advisory 5178-1
https://notcve.org/view.php?id=CVE-2022-21151
12 May 2022 — Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una eliminación de la optimización del procesador o la modificación del código crítico para la seguridad de algunos procesadores Intel(R) puede permitir que un usuario autenticado permita potencialmente una divulgación de información por medio del acceso local It was discovered that some Intel processors did not i... • https://security.netapp.com/advisory/ntap-20220826-0003 •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2022-1473 – Resource leakage when decoding certificates and keys
https://notcve.org/view.php?id=CVE-2022-1473
03 May 2022 — The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its memory usage will expand without bounds and the process might be terminated by the operating system causing a denial of service. Also traversing the empty hash table entries will take increasingly more time. Typically such long liv... • https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf • CWE-401: Missing Release of Memory after Effective Lifetime CWE-459: Incomplete Cleanup •
CVSS: 10.0EPSS: 72%CPEs: 59EXPL: 5CVE-2022-1292 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-1292
03 May 2022 — The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). • https://github.com/alcaparra/CVE-2022-1292 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 43EXPL: 0CVE-2022-1343 – OCSP_basic_verify may incorrectly verify the response signing certificate
https://notcve.org/view.php?id=CVE-2022-1343
03 May 2022 — The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certif... • https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf • CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 0%CPEs: 43EXPL: 0CVE-2022-1434 – Incorrect MAC key used in the RC4-MD5 ciphersuite
https://notcve.org/view.php?id=CVE-2022-1434
03 May 2022 — The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipient such that the modified data would still pass the MAC integrity check. Note that data sent from an OpenSSL 3.0 endpoint to a non-OpenSSL 3.0 endpoint will always be rejected by the recipient and the connection wil... • https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.1EPSS: 2%CPEs: 34EXPL: 0CVE-2022-0742 – Memory leak in ICMP6 in Linux Kernel
https://notcve.org/view.php?id=CVE-2022-0742
18 Mar 2022 — Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. Una pérdida de memoria en la implementación de icmp6 en el Kernel de Linux versión 5.13+, permite a un atacante remoto hacer DoS a un host haciendo que salga de la memoria por medio de paquetes icmp6 de tipo 130 o 131. Recomendamos actualizar el commit 2d3916f3189172d5c... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc • CWE-275: Permission Issues CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1358EXPL: 0CVE-2021-0156
https://notcve.org/view.php?id=CVE-2021-0156
09 Feb 2022 — Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. Una comprobación de entrada inapropiada en el firmware de algunos procesadores Intel(R) puede permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de acceso local • https://security.netapp.com/advisory/ntap-20220210-0007 • CWE-20: Improper Input Validation •
CVSS: 6.6EPSS: 0%CPEs: 1360EXPL: 0CVE-2021-0124
https://notcve.org/view.php?id=CVE-2021-0124
09 Feb 2022 — Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. Un control de acceso inapropiado en el firmware de algunos procesadores Intel(R) puede permitir a un usuario privilegiado una escalada de privilegios mediante acceso físico • https://security.netapp.com/advisory/ntap-20220210-0007 •