CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-2007 – Linux Kernel DPT I2O Controller Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-2007
13 Apr 2023 — The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target... • https://github.com/torvalds/linux/commit/b04e75a4a8a81887386a0d2dbf605a48e779d2a0 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 5CVE-2022-43680 – expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
https://notcve.org/view.php?id=CVE-2022-43680
24 Oct 2022 — In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucción excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-mem... • https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-43680 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2022-36879 – kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice
https://notcve.org/view.php?id=CVE-2022-36879
27 Jul 2022 — An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. Se ha detectado un problema en el kernel de Linux versiones hasta 5.18.14. la función xfrm_expand_policies en el archivo net/xfrm/xfrm_policy.c puede causar que un refcount sea descartado dos veces A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the re... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 • CWE-911: Improper Update of Reference Count •
CVSS: 10.0EPSS: 71%CPEs: 50EXPL: 1CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where... • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2022-1678
https://notcve.org/view.php?id=CVE-2022-1678
25 May 2022 — An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. Se ha detectado un problema en el Kernel de Linux de la 4.18 a 4.19, una actualización inapropiada de la referencia sock en el paso TCP puede conllevar a una pérdida de memoria/netns, que puede ser usada por clientes remotos • https://anas.openanolis.cn/cves/detail/CVE-2022-1678 • CWE-911: Improper Update of Reference Count •
CVSS: 9.1EPSS: 0%CPEs: 18EXPL: 0CVE-2022-1587 – pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1587
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función get_recurse_data_length() del archivo pcre2_jit_compile.c. Este problema afecta a las recursiones en expresiones regulares compiladas en JIT causadas por transfere... • https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-1586 – pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c
https://notcve.org/view.php?id=CVE-2022-1586
16 May 2022 — An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT. Se ha detectado una vulnerabilidad de lectura fuera de límites en la biblioteca PCRE2 en la función compile_xclass_matchingpath() del archivo pcre2_jit_compile.c. Esto implica un probl... • https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 3CVE-2022-30594 – kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
https://notcve.org/view.php?id=CVE-2022-30594
12 May 2022 — The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. El kernel de Linux versiones anteriores a 5.17.2, maneja inapropiadamente los permisos de seccomp. La ruta de código PTRACE_SEIZE permite a atacantes omitir las restricciones previstas al establecer el flag PT_SUSPEND_SECCOMP A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restri... • https://packetstorm.news/files/id/170362 • CWE-276: Incorrect Default Permissions CWE-862: Missing Authorization •
CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 4CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
03 May 2022 — In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbor... • https://packetstorm.news/files/id/167345 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2022-29968 – Ubuntu Security Notice USN-5471-1
https://notcve.org/view.php?id=CVE-2022-29968
02 May 2022 — An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. Se ha detectado un problema en el kernel de Linux versiones hasta 5.17.5. La función io_rw_init_file en el archivo fs/io_uring.c carece de la inicialización de kiocb-)private It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot res... • https://github.com/jprx/CVE-2022-29968 • CWE-909: Missing Initialization of Resource •