CVE-2020-8945 – proglottis/gpgme: Use-after-free in GPGME bindings during container image pull
https://notcve.org/view.php?id=CVE-2020-8945
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. El contenedor Proglottis Go versiones anteriores a 0.1.1 para la biblioteca GPGME, presenta un uso de la memoria previamente liberada, como es demostrado por el uso para las extracciones de imágenes de contenedores para Docker o CRI-O. Esto conlleva a un bloqueo o posible ejecución de código durante una comprobación de la firma GPG. A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. • https://access.redhat.com/errata/RHSA-2020:0679 https://access.redhat.com/errata/RHSA-2020:0689 https://access.redhat.com/errata/RHSA-2020:0697 https://bugzilla.redhat.com/show_bug.cgi?id=1795838 https://github.com/containers/image/commit/4c7a23f82ef09127b0ff28366d1cf31316dd6cc1 https://github.com/proglottis/gpgme/compare/v0.1.0...v0.1.1 https://github.com/proglottis/gpgme/pull/23 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIF • CWE-416: Use After Free •
CVE-2019-15718 – systemd: systemd-resolved allows unprivileged users to configure DNS
https://notcve.org/view.php?id=CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings. En systemd versión 240, la función bus_open_system_watch_bind_with_description en el archivo shared/bus-util.c (como es usado en systemd-resolve para conectarse a la instancia del sistema D-Bus), llama a sd_bus_set_trusted, lo que deshabilita los controles de acceso para los mensajes entrantes de D-Bus. Un usuario no privilegiado puede explotar esto mediante la ejecución de métodos D-Bus que deberían estar restringidos para usuarios con privilegios, para cambiar la configuración de la resolución DNS. An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. • http://www.openwall.com/lists/oss-security/2019/09/03/1 https://access.redhat.com/errata/RHSA-2019:3592 https://access.redhat.com/errata/RHSA-2019:3941 https://bugzilla.redhat.com/show_bug.cgi?id=1746057 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRE5IS24XTF5WNZGH2L7GSQJKARBOEGL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIKGKXZ5OEGOEYURHLJHEMFYNLEGAW5B https://lists.fedoraproject.org/archives/list/package-announce% • CWE-285: Improper Authorization •