CVSS: 7.8EPSS: 36%CPEs: 21EXPL: 3CVE-2023-50387 – bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator
https://notcve.org/view.php?id=CVE-2023-50387
13 Feb 2024 — Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. Ciertos aspectos DNSSEC del protocolo DNS (en RFC 4035 y RFC relacionados) permiten a ataca... • https://github.com/knqyf263/CVE-2023-50387 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-0607 – Kernel: nf_tables: pointer math issue in nft_byteorder_eval()
https://notcve.org/view.php?id=CVE-2024-0607
18 Jan 2024 — A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality. • https://access.redhat.com/security/cve/CVE-2024-0607 • CWE-229: Improper Handling of Values •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-0408 – Xorg-x11-server: selinux unlabeled glx pbuffer
https://notcve.org/view.php?id=CVE-2024-0408
17 Jan 2024 — A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. Se encontró una falla en el servidor X.Org. El código GLX PBuffer no llama al gancho XACE al crear el bú... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-158: Improper Neutralization of Null Byte or NUL Character •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-0409 – Xorg-x11-server: selinux context corruption
https://notcve.org/view.php?id=CVE-2024-0409
17 Jan 2024 — A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. Se encontró una falla en el servidor X.Org. El código del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creación. • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6915 – Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c
https://notcve.org/view.php?id=CVE-2023-6915
15 Jan 2024 — A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. Se encontró un problema de desreferencia de puntero null en ida_free en lib/idr.c en el kernel de Linux. Este problema puede permitir que un atacante que utilice esta librería cause un problema de denegación de servicio debido a una verificación faltante en el retorno de una función. We... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 2CVE-2024-0646 – Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
https://notcve.org/view.php?id=CVE-2024-0646
12 Jan 2024 — An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se encontró un fallo de escritura de memoria fuera de los límites en la funcionalidad Transport Layer Security del kernel de Linux en la forma en que un usuario llama a una función splice con un socket ktls como destino. este fallo pe... • https://packetstorm.news/files/id/176534 • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 2CVE-2023-6531 – Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf
https://notcve.org/view.php?id=CVE-2023-6531
02 Jan 2024 — A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. Se encontró una falla de use-after-free en el kernel de Linux debido a un problema de ejecución en la eliminación de ejecución de SKB por parte del recolector de basura de Unix con unix_stream_read_generic() en el socket en el que el SKB está en cola. This update for the Linux Kernel 5.3.18-150300_59_153 fixes... • https://packetstorm.news/files/id/176533 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6228 – Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c
https://notcve.org/view.php?id=CVE-2023-6228
18 Dec 2023 — An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. Se encontró un problema en la utilidad tiffcp distribuida por el paquete libtiff donde un archivo TIFF manipulado durante el procesamiento puede provocar un desbordamiento de búfer de almacenamiento dinámico y provocar un bloqueo de la aplicación. USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the correspo... • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2023-6377 – Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
https://notcve.org/view.php?id=CVE-2023-6377
13 Dec 2023 — A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. Se encontró una falla en xorg-server. Consultar o cambiar las acciones de los botones XKB, como pasar de un panel táctil a un mouse, puede provocar lecturas y escrituras de memoria fuera de los límites. • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
13 Dec 2023 — A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. Se encontró una falla en xorg-server. Una solicitud especialmente manipulada a RRChangeProviderProperty o RRChangeOutputProperty puede desencadenar un desbordamiento de enteros que puede provocar la divulgación de información confidencial. This vulnerability allows local attackers to disclose sensitive info... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-190: Integer Overflow or Wraparound •