CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22055
https://notcve.org/view.php?id=CVE-2021-22055
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries. El SchedulerServer en Vmware photon permite a atacantes remotos inyectar registrosmedainte \r en el parámetro del paquete. Los atacantes también pueden insertar datos maliciosos y entradas falsas • https://github.com/vmware/photon/wiki/log_injection_vulnerability • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22942 – kernel: failing usercopy allows for use-after-free exploitation
https://notcve.org/view.php?id=CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer. El controlador vmwgfx contiene una vulnerabilidad de escalada de privilegios local que permite a los usuarios sin permisos obtener acceso a archivos abiertos por otros procesos en el sistema a través de un puntero de "archivo" colgante. A use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem. If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file descriptor. • https://github.com/vmware/photon/wiki/Security-Update-3.0-356 https://github.com/vmware/photon/wiki/Security-Update-4.0-148 https://www.openwall.com/lists/oss-security/2022/01/27/4 https://access.redhat.com/security/cve/CVE-2022-22942 https://bugzilla.redhat.com/show_bug.cgi?id=2044809 • CWE-416: Use After Free •