CVE-2021-3814 – 3scale: missing validation of access token
https://notcve.org/view.php?id=CVE-2021-3814
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure. Se ha detectado que la APIdocs de 3scale no comprueba el token de acceso, en el caso de un token inválido, usa en su lugar el auth de sesión. Esto podría omitir los controles de acceso y permitir una divulgación de información no autorizada A flaw was found in 3scale's API docs, where it does not validate the access token. In the case of an invalid token, it uses session auth instead. • https://bugzilla.redhat.com/show_bug.cgi?id=2004322 https://access.redhat.com/security/cve/CVE-2021-3814 • CWE-862: Missing Authorization •
CVE-2021-3752 – kernel: possible use-after-free in bluetooth module
https://notcve.org/view.php?id=CVE-2021-3752
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema Bluetooth del kernel de Linux en la forma en que las llamadas de usuario son conectadas al socket y son desconectadas simultáneamente debido a una condición de carrera. Este fallo permite a un usuario bloquear el sistema o escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=1999544 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org https://security.netapp.com/advisory/ntap-20220318-0009 https://www.debian.org/security/2022/dsa-5096 https://www.openwall.com/lists/oss-security/2021/09/15/4 https://www.oracle.com/security-alerts/cpujul2022.html https:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVE-2020-25634
https://notcve.org/view.php?id=CVE-2020-25634
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected. Se encontró un fallo en la URL de documentos de la API de Red Hat 3scale, donde puede acceder sin credenciales. Este fallo permite a un atacante visualizar información confidencial o modificar las API de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1880201 • CWE-284: Improper Access Control CWE-306: Missing Authentication for Critical Function •
CVE-2019-14836 – 3scale: dev portal missing protection against login CSRF
https://notcve.org/view.php?id=CVE-2019-14836
A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. Se ha encontrado una vulnerabilidad en el portal de desarrollo de 3scale que no emplea mecanismos de protección contra el CSRF de inicio de sesión. Un atacante podría utilizar este fallo para acceder a información no autorizada o realizar otros ataques It was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1847605 https://access.redhat.com/security/cve/CVE-2019-14836 https://bugzilla.redhat.com/show_bug.cgi?id=1750928 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711 https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4411-1 https://usn.ubuntu.com/4412-1 https://usn.ubuntu.com/4413-1 https://usn.ubuntu.com/4414-1 https://usn.ubuntu& • CWE-476: NULL Pointer Dereference •