Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2022-0515
Vulnerability from csaf_certbund
Published
2022-06-29 22:00
Modified
2023-06-08 22:00
Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- MacOS X\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-0515 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0515.json" }, { "category": "self", "summary": "WID-SEC-2022-0515 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0515" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6151-1 vom 2023-06-09", "url": "https://ubuntu.com/security/notices/USN-6151-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5984-1 vom 2023-03-29", "url": "https://www.cybersecurity-help.cz/vdb/SB2023032948" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596399" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596907" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596881" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596741" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596883" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596971" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596895" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596379" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596877" }, { "category": "external", "summary": "IBM Security Advisory vom 2022-06-29", "url": "https://www.ibm.com/support/pages/node/6596875" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-027 vom 2022-07-21", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-027.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-029 vom 2022-07-21", "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-029.html" }, { "category": "external", "summary": "IBM Security Bulletin 6618019 vom 2022-09-03", "url": "https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-and-denial-of-service-vulnerabilities-in-the-ibm-spectrum-protect-backup-archive-client-may-affect-ibm-spectrum-protect-for-space-management-cve-2022-22478/" } ], "source_lang": "en-US", "title": "IBM Spectrum Protect: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-08T22:00:00.000+00:00", "generator": { "date": "2024-02-15T16:50:32.847+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-0515", "initial_release_date": "2022-06-29T22:00:00.000+00:00", "revision_history": [ { "date": "2022-06-29T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-07-20T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-09-04T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-03-29T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-06-08T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" } ], "status": "final", "version": "5" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Spectrum Protect 8.1", "product": { "name": "IBM Spectrum Protect 8.1", "product_id": "T010033", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:8.1" } } }, { "category": "product_name", "name": "IBM Spectrum Protect 10.1", "product": { "name": "IBM Spectrum Protect 10.1", "product_id": "T023649", "product_identification_helper": { "cpe": "cpe:/a:ibm:spectrum_protect:10.1" } } } ], "category": "product_name", "name": "Spectrum Protect" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-25704", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2020-25704" }, { "cve": "CVE-2020-29368", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2020-29368" }, { "cve": "CVE-2020-36322", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2020-36322" }, { "cve": "CVE-2020-36385", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2020-36385" }, { "cve": "CVE-2021-20269", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-20269" }, { "cve": "CVE-2021-20321", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-20321" }, { "cve": "CVE-2021-20322", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-20322" }, { "cve": "CVE-2021-21781", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-21781" }, { "cve": "CVE-2021-28950", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-28950" }, { "cve": "CVE-2021-28971", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-28971" }, { "cve": "CVE-2021-29650", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-29650" }, { "cve": "CVE-2021-31916", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-31916" }, { "cve": "CVE-2021-35550", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-35550" }, { "cve": "CVE-2021-35603", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-35603" }, { "cve": "CVE-2021-3573", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-3573" }, { "cve": "CVE-2021-3635", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-3635" }, { "cve": "CVE-2021-3669", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-3669" }, { "cve": "CVE-2021-3764", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-3764" }, { "cve": "CVE-2021-38201", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-38201" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-4002", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4002" }, { "cve": "CVE-2021-4028", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4028" }, { "cve": "CVE-2021-4083", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4083" }, { "cve": "CVE-2021-4154", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4154" }, { "cve": "CVE-2021-4155", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4155" }, { "cve": "CVE-2021-4157", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4157" }, { "cve": "CVE-2021-41864", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-41864" }, { "cve": "CVE-2021-4197", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4197" }, { "cve": "CVE-2021-4203", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-4203" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-44733", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-44733" }, { "cve": "CVE-2021-45485", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-45485" }, { "cve": "CVE-2021-45486", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2021-45486" }, { "cve": "CVE-2022-0185", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0185" }, { "cve": "CVE-2022-0286", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0286" }, { "cve": "CVE-2022-0492", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0492" }, { "cve": "CVE-2022-0778", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0778" }, { "cve": "CVE-2022-0847", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0847" }, { "cve": "CVE-2022-0850", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-0850" }, { "cve": "CVE-2022-1011", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-1011" }, { "cve": "CVE-2022-22472", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22472" }, { "cve": "CVE-2022-22474", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22474" }, { "cve": "CVE-2022-22478", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22478" }, { "cve": "CVE-2022-22487", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22487" }, { "cve": "CVE-2022-22494", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22494" }, { "cve": "CVE-2022-22496", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22496" }, { "cve": "CVE-2022-22942", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-22942" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-24842", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-24842" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T023649", "T000126", "T010033", "398363" ] }, "release_date": "2022-06-29T22:00:00Z", "title": "CVE-2022-28327" } ] }
cve-2022-0185
Vulnerability from cvelistv5
Published
2022-02-11 17:40
Modified
2024-08-22 12:49
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
References
▼ | URL | Tags |
---|---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2 | x_refsource_MISC | |
https://github.com/Crusaders-of-Rust/CVE-2022-0185 | x_refsource_MISC | |
https://www.openwall.com/lists/oss-security/2022/01/18/7 | x_refsource_MISC | |
https://www.willsroot.io/2022/01/cve-2022-0185.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220225-0003/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:42.536Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/01/18/7" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.willsroot.io/2022/01/cve-2022-0185.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0003/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "8.4" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "dateAdded": "2024-08-21", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" }, "type": "kev" } }, { "other": { "content": { "id": "CVE-2022-0185", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-22T12:49:08.646375Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-22T12:49:16.141Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "8.4" } ] } ], "descriptions": [ { "lang": "en", "value": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "Integer Overflow or Wraparound CWE-190", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-25T09:06:15", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.openwall.com/lists/oss-security/2022/01/18/7" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.willsroot.io/2022/01/cve-2022-0185.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0003/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0185", "datePublished": "2022-02-11T17:40:57", "dateReserved": "2022-01-11T00:00:00", "dateUpdated": "2024-08-22T12:49:16.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22942
Vulnerability from cvelistv5
Published
2023-12-13 08:16
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:28:42.652Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-356" }, { "tags": [ "x_transferred" ], "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-148" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/01/27/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Photon OS", "vendor": "n/a", "versions": [ { "status": "affected", "version": "3.0, 4.0" } ] } ], "datePublic": "2022-01-27T07:06:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling \u0027file\u0027 pointer." } ], "value": "The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling \u0027file\u0027 pointer." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Privilege escalation", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-13T08:17:05.068Z", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware" }, "references": [ { "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-356" }, { "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-148" }, { "url": "https://www.openwall.com/lists/oss-security/2022/01/27/4" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2022-22942", "datePublished": "2023-12-13T08:16:34.363Z", "dateReserved": "2022-01-10T15:34:55.706Z", "dateUpdated": "2024-08-03T03:28:42.652Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-20269
Vulnerability from cvelistv5
Published
2022-03-09 16:29
Modified
2024-08-03 17:37
Severity ?
EPSS score ?
Summary
A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1934261 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | kexec-tools |
Version: Fedora kexec-tools versions prior to 2.0.21-8 and RHEL kexec-tools versions prior to 2.0.20-47 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:37:23.203Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934261" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kexec-tools", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fedora kexec-tools versions prior to 2.0.21-8 and RHEL kexec-tools versions prior to 2.0.20-47" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-276", "description": "CWE-276", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-09T16:29:47", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934261" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-20269", "datePublished": "2022-03-09T16:29:47", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:37:23.203Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-36322
Vulnerability from cvelistv5
Published
2021-04-14 00:00
Modified
2024-08-04 17:23
Severity ?
EPSS score ?
Summary
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:23:10.386Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d069dbe8aaf2a197142558b6fb2978189ba3454" }, { "tags": [ "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_transferred" ], "url": "https://www.starwindsoftware.com/security/sw-20220816-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d069dbe8aaf2a197142558b6fb2978189ba3454" }, { "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "url": "https://www.starwindsoftware.com/security/sw-20220816-0001/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-36322", "datePublished": "2021-04-14T00:00:00", "dateReserved": "2021-04-14T00:00:00", "dateUpdated": "2024-08-04T17:23:10.386Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-43565
Vulnerability from cvelistv5
Published
2022-09-06 17:03
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
References
▼ | URL | Tags |
---|---|---|
https://groups.google.com/forum/#%21forum/golang-announce | x_refsource_MISC | |
https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:03:07.828Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://groups.google.com/forum/#%21forum/golang-announce" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-09-06T17:03:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://groups.google.com/forum/#%21forum/golang-announce" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-43565", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/forum/#!forum/golang-announce", "refsource": "MISC", "url": "https://groups.google.com/forum/#!forum/golang-announce" }, { "name": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/2AR1sKiM-Qs" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-43565", "datePublished": "2022-09-06T17:03:42", "dateReserved": "2021-11-09T00:00:00", "dateUpdated": "2024-08-04T04:03:07.828Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4155
Vulnerability from cvelistv5
Published
2022-08-24 15:10
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them.
References
▼ | URL | Tags |
---|---|---|
https://www.openwall.com/lists/oss-security/2022/01/10/1 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=2034813 | x_refsource_MISC | |
https://access.redhat.com/security/cve/CVE-2021-4155 | x_refsource_MISC | |
https://security-tracker.debian.org/tracker/CVE-2021-4155 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/01/10/1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2021-4155" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-4155" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in Kernel v5.16" } ] } ], "descriptions": [ { "lang": "en", "value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-131", "description": "CWE-131 - Incorrect Calculation of Buffer Size", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-24T15:10:19", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.openwall.com/lists/oss-security/2022/01/10/1" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/CVE-2021-4155" }, { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-4155" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4155", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "Fixed in Kernel v5.16" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-131 - Incorrect Calculation of Buffer Size" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.openwall.com/lists/oss-security/2022/01/10/1", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2022/01/10/1" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034813" }, { "name": "https://access.redhat.com/security/cve/CVE-2021-4155", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/CVE-2021-4155" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2021-4155", "refsource": "MISC", "url": "https://security-tracker.debian.org/tracker/CVE-2021-4155" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=983d8e60f50806f90534cc5373d0ce867e5aaf79" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4155", "datePublished": "2022-08-24T15:10:19", "dateReserved": "2021-12-22T00:00:00", "dateUpdated": "2024-08-03T17:16:04.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-35603
Vulnerability from cvelistv5
Published
2021-10-20 10:50
Modified
2024-08-04 00:40
Severity ?
EPSS score ?
Summary
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Java SE:7u311 Version: Java SE:8u301 Version: Java SE:11.0.12 Version: Java SE:17 Version: Oracle GraalVM Enterprise Edition:20.3.3 Version: Oracle GraalVM Enterprise Edition:21.2.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-35603", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T17:52:57.786974Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-18T17:53:05.342Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T00:40:47.480Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "name": "FEDORA-2021-7701833090", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "name": "FEDORA-2021-1cc8ffd122", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "name": "FEDORA-2021-107c8c5063", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "name": "DSA-5000", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "name": "DSA-5012", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "name": "GLSA-202209-05", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Java SE:7u311" }, { "status": "affected", "version": "Java SE:8u301" }, { "status": "affected", "version": "Java SE:11.0.12" }, { "status": "affected", "version": "Java SE:17" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:07:44.582774", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "name": "FEDORA-2021-7701833090", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "name": "FEDORA-2021-1cc8ffd122", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "name": "FEDORA-2021-107c8c5063", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "name": "DSA-5000", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "name": "DSA-5012", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "name": "GLSA-202209-05", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2021-35603", "datePublished": "2021-10-20T10:50:43", "dateReserved": "2021-06-28T00:00:00", "dateUpdated": "2024-08-04T00:40:47.480Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24675
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:49.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24675", "datePublished": "2022-04-20T00:00:00", "dateReserved": "2022-02-08T00:00:00", "dateUpdated": "2024-08-03T04:20:49.135Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-29368
Vulnerability from cvelistv5
Published
2020-11-28 06:20
Modified
2024-08-04 16:48
Severity ?
EPSS score ?
Summary
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
References
▼ | URL | Tags |
---|---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040 | x_refsource_MISC | |
https://bugs.chromium.org/p/project-zero/issues/detail?id=2045 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210108-0002/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:48:01.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210108-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-08T11:06:18", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210108-0002/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-29368", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040" }, { "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2045" }, { "name": "https://security.netapp.com/advisory/ntap-20210108-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210108-0002/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-29368", "datePublished": "2020-11-28T06:20:26", "dateReserved": "2020-11-28T00:00:00", "dateUpdated": "2024-08-04T16:48:01.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0286
Vulnerability from cvelistv5
Published
2022-01-31 15:57
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.240Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:44:23", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40" }, { "tags": [ "x_refsource_MISC" ], "url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-0286", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40" }, { "name": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626", "refsource": "MISC", "url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0286", "datePublished": "2022-01-31T15:57:34", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-02T23:25:40.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-44733
Vulnerability from cvelistv5
Published
2021-12-22 00:00
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:32:12.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c" }, { "tags": [ "x_transferred" ], "url": "https://lore.kernel.org/lkml/20211215092501.1861229-1-jens.wiklander%40linaro.org/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/pjlantz/optee-qemu/blob/main/README.md" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220114-0003/" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfd0743f1d9ea76931510ed150334d571fbab49d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-25T00:39:22.799772", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c" }, { "url": "https://lore.kernel.org/lkml/20211215092501.1861229-1-jens.wiklander%40linaro.org/" }, { "url": "https://github.com/pjlantz/optee-qemu/blob/main/README.md" }, { "url": "https://security.netapp.com/advisory/ntap-20220114-0003/" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfd0743f1d9ea76931510ed150334d571fbab49d" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44733", "datePublished": "2021-12-22T00:00:00", "dateReserved": "2021-12-08T00:00:00", "dateUpdated": "2024-08-04T04:32:12.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-28971
Vulnerability from cvelistv5
Published
2021-03-22 16:53
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
References
▼ | URL | Tags |
---|---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/ | vendor-advisory, x_refsource_FEDORA | |
https://security.netapp.com/advisory/ntap-20210430-0003/ | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:55:12.300Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea" }, { "name": "FEDORA-2021-e636ce53df", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/" }, { "name": "FEDORA-2021-68b0dd2373", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/" }, { "name": "FEDORA-2021-9503fffad9", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210430-0003/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-23T01:07:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea" }, { "name": "FEDORA-2021-e636ce53df", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/" }, { "name": "FEDORA-2021-68b0dd2373", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/" }, { "name": "FEDORA-2021-9503fffad9", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210430-0003/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-28971", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea" }, { "name": "FEDORA-2021-e636ce53df", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/" }, { "name": "FEDORA-2021-68b0dd2373", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/" }, { "name": "FEDORA-2021-9503fffad9", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/" }, { "name": "https://security.netapp.com/advisory/ntap-20210430-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210430-0003/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-28971", "datePublished": "2021-03-22T16:53:28", "dateReserved": "2021-03-22T00:00:00", "dateUpdated": "2024-08-03T21:55:12.300Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0850
Vulnerability from cvelistv5
Published
2022-08-29 14:03
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2060606 | x_refsource_MISC | |
https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe | x_refsource_MISC | |
https://access.redhat.com/security/cve/CVE-2022-0850 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:04.478Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2022-0850" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in kernel v5.14 rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-29T14:03:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606" }, { "tags": [ "x_refsource_MISC" ], "url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/CVE-2022-0850" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-0850", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "Fixed in kernel v5.14 rc1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor." } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060606" }, { "name": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8", "refsource": "MISC", "url": "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe" }, { "name": "https://access.redhat.com/security/cve/CVE-2022-0850", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/CVE-2022-0850" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0850", "datePublished": "2022-08-29T14:03:05", "dateReserved": "2022-03-04T00:00:00", "dateUpdated": "2024-08-02T23:40:04.478Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24842
Vulnerability from cvelistv5
Published
2022-04-12 17:20
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. This in turn allows the user to escalate privilege to that of the root user. This vulnerability has been resolved in pull request #14729 and is included in `RELEASE.2022-04-12T06-55-35Z`. Users unable to upgrade may workaround this issue by explicitly adding a `admin:CreateServiceAccount` deny policy, however, this, in turn, denies the user the ability to create their own service accounts as well.
References
▼ | URL | Tags |
---|---|---|
https://github.com/minio/minio/security/advisories/GHSA-2j69-jjmg-534q | x_refsource_CONFIRM | |
https://github.com/minio/minio/pull/14729 | x_refsource_MISC | |
https://github.com/minio/minio/commit/66b14a0d32684d527ae8018dc6d9d46ccce58ae3 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:50.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/minio/minio/security/advisories/GHSA-2j69-jjmg-534q" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/minio/minio/pull/14729" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/minio/minio/commit/66b14a0d32684d527ae8018dc6d9d46ccce58ae3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "minio", "vendor": "minio", "versions": [ { "status": "affected", "version": "\u003c RELEASE.2022-04-12T06-55-35Z" } ] } ], "descriptions": [ { "lang": "en", "value": "MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. This in turn allows the user to escalate privilege to that of the root user. This vulnerability has been resolved in pull request #14729 and is included in `RELEASE.2022-04-12T06-55-35Z`. Users unable to upgrade may workaround this issue by explicitly adding a `admin:CreateServiceAccount` deny policy, however, this, in turn, denies the user the ability to create their own service accounts as well." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-12T17:20:18", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/minio/minio/security/advisories/GHSA-2j69-jjmg-534q" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/minio/minio/pull/14729" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/minio/minio/commit/66b14a0d32684d527ae8018dc6d9d46ccce58ae3" } ], "source": { "advisory": "GHSA-2j69-jjmg-534q", "discovery": "UNKNOWN" }, "title": "Improper Privilege Management in MinIO", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24842", "STATE": "PUBLIC", "TITLE": "Improper Privilege Management in MinIO" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "minio", "version": { "version_data": [ { "version_value": "\u003c RELEASE.2022-04-12T06-55-35Z" } ] } } ] }, "vendor_name": "minio" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. A security issue was found where an non-admin user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials. This in turn allows the user to escalate privilege to that of the root user. This vulnerability has been resolved in pull request #14729 and is included in `RELEASE.2022-04-12T06-55-35Z`. Users unable to upgrade may workaround this issue by explicitly adding a `admin:CreateServiceAccount` deny policy, however, this, in turn, denies the user the ability to create their own service accounts as well." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-269: Improper Privilege Management" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/minio/minio/security/advisories/GHSA-2j69-jjmg-534q", "refsource": "CONFIRM", "url": "https://github.com/minio/minio/security/advisories/GHSA-2j69-jjmg-534q" }, { "name": "https://github.com/minio/minio/pull/14729", "refsource": "MISC", "url": "https://github.com/minio/minio/pull/14729" }, { "name": "https://github.com/minio/minio/commit/66b14a0d32684d527ae8018dc6d9d46ccce58ae3", "refsource": "MISC", "url": "https://github.com/minio/minio/commit/66b14a0d32684d527ae8018dc6d9d46ccce58ae3" } ] }, "source": { "advisory": "GHSA-2j69-jjmg-534q", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24842", "datePublished": "2022-04-12T17:20:18", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-03T04:20:50.468Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4197
Vulnerability from cvelistv5
Published
2022-03-23 19:46
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2035652 | x_refsource_MISC | |
https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/T/ | x_refsource_MISC | |
https://www.debian.org/security/2022/dsa-5127 | vendor-advisory, x_refsource_DEBIAN | |
https://www.debian.org/security/2022/dsa-5173 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220602-0006/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/T/" }, { "name": "DSA-5127", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5127" }, { "name": "DSA-5173", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5173" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220602-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel 5.17-rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:43:38", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj%40kernel.org/T/" }, { "name": "DSA-5127", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5127" }, { "name": "DSA-5173", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5173" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220602-0006/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4197", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "Linux kernel 5.17-rc1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An unprivileged write to the file handler flaw in the Linux kernel\u0027s control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-287" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035652" }, { "name": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/", "refsource": "MISC", "url": "https://lore.kernel.org/lkml/20211209214707.805617-1-tj@kernel.org/T/" }, { "name": "DSA-5127", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5127" }, { "name": "DSA-5173", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5173" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220602-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220602-0006/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4197", "datePublished": "2022-03-23T19:46:43", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-08-03T17:16:04.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3764
Vulnerability from cvelistv5
Published
2022-08-23 15:52
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 | x_refsource_MISC | |
https://security-tracker.debian.org/tracker/CVE-2021-3764 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1997467 | x_refsource_MISC | |
https://access.redhat.com/security/cve/CVE-2021-3764 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Linux Kernel |
Version: Fixed in v5.15-rc4 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3764" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2021-3764" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Linux Kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in v5.15-rc4" } ] } ], "descriptions": [ { "lang": "en", "value": "A memory leak flaw was found in the Linux kernel\u0027s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 - Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-23T15:52:14", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680" }, { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3764" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/CVE-2021-3764" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-3764", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Linux Kernel", "version": { "version_data": [ { "version_value": "Fixed in v5.15-rc4" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A memory leak flaw was found in the Linux kernel\u0027s ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400 - Uncontrolled Resource Consumption" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2021-3764", "refsource": "MISC", "url": "https://security-tracker.debian.org/tracker/CVE-2021-3764" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997467" }, { "name": "https://access.redhat.com/security/cve/CVE-2021-3764", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/CVE-2021-3764" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3764", "datePublished": "2022-08-23T15:52:14", "dateReserved": "2021-09-03T00:00:00", "dateUpdated": "2024-08-03T17:09:08.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-36385
Vulnerability from cvelistv5
Published
2021-06-07 00:00
Modified
2024-08-04 17:23
Severity ?
EPSS score ?
Summary
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:23:10.459Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6" }, { "tags": [ "x_transferred" ], "url": "https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1" }, { "tags": [ "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210720-0004/" }, { "tags": [ "x_transferred" ], "url": "https://www.starwindsoftware.com/security/sw-20220802-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6" }, { "url": "https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1" }, { "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10" }, { "url": "https://security.netapp.com/advisory/ntap-20210720-0004/" }, { "url": "https://www.starwindsoftware.com/security/sw-20220802-0002/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-36385", "datePublished": "2021-06-07T00:00:00", "dateReserved": "2021-06-07T00:00:00", "dateUpdated": "2024-08-04T17:23:10.459Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4028
Vulnerability from cvelistv5
Published
2022-08-24 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.248Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lkml.org/lkml/2021/10/4/697" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027201" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2021-4028" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221228-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in kernel 5.15-rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw in the Linux kernel\u0027s implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416 - Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-28T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://lkml.org/lkml/2021/10/4/697" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027201" }, { "url": "https://access.redhat.com/security/cve/CVE-2021-4028" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0" }, { "url": "https://security.netapp.com/advisory/ntap-20221228-0002/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4028", "datePublished": "2022-08-24T00:00:00", "dateReserved": "2021-11-29T00:00:00", "dateUpdated": "2024-08-03T17:16:04.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3635
Vulnerability from cvelistv5
Published
2021-08-13 13:22
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1976946 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:08.141Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.5-rc7" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-13T13:22:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-3635", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.5-rc7" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1976946" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3635", "datePublished": "2021-08-13T13:22:05", "dateReserved": "2021-07-02T00:00:00", "dateUpdated": "2024-08-03T17:01:08.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-38561
Vulnerability from cvelistv5
Published
2022-12-26 00:00
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:44:23.541Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f" }, { "tags": [ "x_transferred" ], "url": "https://deps.dev/advisory/OSV/GO-2021-0113" }, { "tags": [ "x_transferred" ], "url": "https://pkg.go.dev/golang.org/x/text/language" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f" }, { "url": "https://deps.dev/advisory/OSV/GO-2021-0113" }, { "url": "https://pkg.go.dev/golang.org/x/text/language" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-38561", "datePublished": "2022-12-26T00:00:00", "dateReserved": "2021-08-11T00:00:00", "dateUpdated": "2024-08-04T01:44:23.541Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-38201
Vulnerability from cvelistv5
Published
2021-08-08 19:26
Modified
2024-08-04 01:37
Severity ?
EPSS score ?
Summary
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.
References
▼ | URL | Tags |
---|---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 | x_refsource_MISC | |
https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20210902-0010/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:37:16.300Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0010/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-09-02T08:06:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210902-0010/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-38201", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4" }, { "name": "https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/6d1c0f3d28f98ea2736128ed3e46821496dc3a8c" }, { "name": "https://security.netapp.com/advisory/ntap-20210902-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210902-0010/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-38201", "datePublished": "2021-08-08T19:26:54", "dateReserved": "2021-08-08T00:00:00", "dateUpdated": "2024-08-04T01:37:16.300Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-31916
Vulnerability from cvelistv5
Published
2021-05-06 16:14
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1946965 | x_refsource_MISC | |
https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a | x_refsource_MISC | |
https://seclists.org/oss-sec/2021/q1/268 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:10:30.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://seclists.org/oss-sec/2021/q1/268" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Kernel 5.12" } ] } ], "descriptions": [ { "lang": "en", "value": "An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-23T01:07:37", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://seclists.org/oss-sec/2021/q1/268" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-31916", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "Kernel 5.12" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946965" }, { "name": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a" }, { "name": "https://seclists.org/oss-sec/2021/q1/268", "refsource": "MISC", "url": "https://seclists.org/oss-sec/2021/q1/268" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-31916", "datePublished": "2021-05-06T16:14:42", "dateReserved": "2021-04-29T00:00:00", "dateUpdated": "2024-08-03T23:10:30.921Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3573
Vulnerability from cvelistv5
Published
2021-08-13 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:07.293Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966578" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2021/06/08/2" }, { "name": "[oss-security] 20230702 CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/02/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.13-rc5" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362-\u003eCWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-02T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966578" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52" }, { "url": "https://www.openwall.com/lists/oss-security/2021/06/08/2" }, { "name": "[oss-security] 20230702 CVE-2023-3439: Linux MCTP use-after-free in mctp_sendmsg", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/07/02/1" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3573", "datePublished": "2021-08-13T00:00:00", "dateReserved": "2021-06-01T00:00:00", "dateUpdated": "2024-08-03T17:01:07.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0492
Vulnerability from cvelistv5
Published
2022-03-03 00:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:32:45.292Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051505" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5095", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5095" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220419-0002/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.17 rc3" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the Linux kernel\u2019s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-07T15:06:18.421771", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051505" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5095", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5095" }, { "name": "DSA-5096", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220419-0002/" }, { "url": "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html" }, { "url": "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0492", "datePublished": "2022-03-03T00:00:00", "dateReserved": "2022-02-04T00:00:00", "dateUpdated": "2024-08-02T23:32:45.292Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0847
Vulnerability from cvelistv5
Published
2022-03-07 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:04.513Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060795" }, { "tags": [ "x_transferred" ], "url": "https://dirtypipe.cm4all.com/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html" }, { "tags": [ "x_transferred" ], "url": "https://www.suse.com/support/kb/doc/?id=000020603" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220325-0005/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux Kernel 5.17 rc6" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-665", "description": "CWE-665-\u003eCWE-281", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-12T16:06:14.073682", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060795" }, { "url": "https://dirtypipe.cm4all.com/" }, { "url": "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html" }, { "url": "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html" }, { "url": "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html" }, { "url": "https://www.suse.com/support/kb/doc/?id=000020603" }, { "url": "https://security.netapp.com/advisory/ntap-20220325-0005/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015" }, { "url": "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0847", "datePublished": "2022-03-07T00:00:00", "dateReserved": "2022-03-03T00:00:00", "dateUpdated": "2024-08-02T23:40:04.513Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-20322
Vulnerability from cvelistv5
Published
2022-02-18 17:50
Modified
2024-08-03 17:37
Severity ?
EPSS score ?
Summary
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:37:23.666Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220303-0002/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.15-rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:24:33", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220303-0002/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-20322", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.15-rc1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-330" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220303-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220303-0002/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-20322", "datePublished": "2022-02-18T17:50:45", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:37:23.666Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-3669
Vulnerability from cvelistv5
Published
2022-08-26 15:25
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1986473 | x_refsource_MISC | |
https://bugzilla.redhat.com/show_bug.cgi?id=1980619 | x_refsource_MISC | |
https://access.redhat.com/security/cve/CVE-2021-3669 | x_refsource_MISC | |
https://security-tracker.debian.org/tracker/CVE-2021-3669 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:01:07.957Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2021-3669" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3669" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Not Known" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 - Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-26T15:25:40", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/security/cve/CVE-2021-3669" }, { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3669" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3669", "datePublished": "2022-08-26T15:25:40", "dateReserved": "2021-07-29T00:00:00", "dateUpdated": "2024-08-03T17:01:07.957Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4083
Vulnerability from cvelistv5
Published
2022-01-18 16:51
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2029923 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220217-0005/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:03.848Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220217-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.16-rc4" } ] } ], "descriptions": [ { "lang": "en", "value": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:42:48", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220217-0005/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4083", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.16-rc4" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220217-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220217-0005/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4083", "datePublished": "2022-01-18T16:51:46", "dateReserved": "2021-12-09T00:00:00", "dateUpdated": "2024-08-03T17:16:03.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-45485
Vulnerability from cvelistv5
Published
2021-12-25 01:05
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
References
▼ | URL | Tags |
---|---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 | x_refsource_MISC | |
https://arxiv.org/pdf/2112.09604.pdf | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220121-0001/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:39:21.141Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220121-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:42:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220121-0001/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45485", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3" }, { "name": "https://arxiv.org/pdf/2112.09604.pdf", "refsource": "MISC", "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220121-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220121-0001/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-45485", "datePublished": "2021-12-25T01:05:07", "dateReserved": "2021-12-25T00:00:00", "dateUpdated": "2024-08-04T04:39:21.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-28327
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:48:38.092Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-53f0c619c5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "FEDORA-2022-a49babed75", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/" }, { "name": "FEDORA-2022-53f0c619c5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/" }, { "name": "FEDORA-2022-c0f780ecf1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/" }, { "name": "FEDORA-2022-e46e6e8317", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/" }, { "name": "FEDORA-2022-fae3ecee19", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/" }, { "name": "FEDORA-2022-ba365d3703", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "name": "FEDORA-2022-30c5ed5625", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/" }, { "url": "https://security.netapp.com/advisory/ntap-20220915-0010/" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-28327", "datePublished": "2022-04-20T00:00:00", "dateReserved": "2022-04-01T00:00:00", "dateUpdated": "2024-08-03T05:48:38.092Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22487
Vulnerability from cvelistv5
Published
2022-06-30 16:25
Modified
2024-09-16 20:07
Severity ?
EPSS score ?
Summary
An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596881 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/226326 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Server |
Version: 8.1.0.000 Version: 8.1.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.322Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222487-info-disc (226326)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226326" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "8.1.0.000" }, { "status": "affected", "version": "8.1.14" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/S:U/A:N/AV:N/AC:H/UI:N/PR:N/I:N/C:H/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:25:26", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222487-info-disc (226326)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226326" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22487", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Server", "version": { "version_data": [ { "version_value": "8.1.0.000" }, { "version_value": "8.1.14" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "N", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596881", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596881 (Spectrum Protect Server)", "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222487-info-disc (226326)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226326" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22487", "datePublished": "2022-06-30T16:25:26.688719Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T20:07:36.798Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4203
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934" }, { "tags": [ "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814" }, { "tags": [ "x_transferred" ], "url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221111-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.15 rc4" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362-\u003eCWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-14T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934" }, { "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814" }, { "url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221111-0003/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4203", "datePublished": "2022-03-25T00:00:00", "dateReserved": "2022-01-10T00:00:00", "dateUpdated": "2024-08-03T17:16:04.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-25704
Vulnerability from cvelistv5
Published
2020-12-02 00:00
Modified
2024-08-04 15:40
Severity ?
EPSS score ?
Summary
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T15:40:36.653Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895961" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2020/11/09/1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7bdb157cdebbf95a1cd94ed2e01b338714075d00" }, { "name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html" }, { "name": "[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html" }, { "tags": [ "x_transferred" ], "url": "https://www.starwindsoftware.com/security/sw-20220802-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.10-rc3" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-11T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895961" }, { "url": "https://www.openwall.com/lists/oss-security/2020/11/09/1" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7bdb157cdebbf95a1cd94ed2e01b338714075d00" }, { "name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html" }, { "name": "[debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html" }, { "url": "https://www.starwindsoftware.com/security/sw-20220802-0003/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-25704", "datePublished": "2020-12-02T00:00:00", "dateReserved": "2020-09-16T00:00:00", "dateUpdated": "2024-08-04T15:40:36.653Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41864
Vulnerability from cvelistv5
Published
2021-10-01 23:46
Modified
2024-08-04 03:22
Severity ?
EPSS score ?
Summary
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:22:25.186Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "name": "FEDORA-2021-79cbbefebe", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/" }, { "name": "FEDORA-2021-ffda3d6fa1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/" }, { "name": "FEDORA-2021-9dd76a1ed0", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211029-0004/" }, { "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-10T02:07:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "name": "FEDORA-2021-79cbbefebe", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/" }, { "name": "FEDORA-2021-ffda3d6fa1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/" }, { "name": "FEDORA-2021-9dd76a1ed0", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20211029-0004/" }, { "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-41864", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "name": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a" }, { "name": "FEDORA-2021-79cbbefebe", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/" }, { "name": "FEDORA-2021-ffda3d6fa1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/" }, { "name": "FEDORA-2021-9dd76a1ed0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/" }, { "name": "https://security.netapp.com/advisory/ntap-20211029-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211029-0004/" }, { "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html" }, { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12", "refsource": "CONFIRM", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-41864", "datePublished": "2021-10-01T23:46:17", "dateReserved": "2021-10-01T00:00:00", "dateUpdated": "2024-08-04T03:22:25.186Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22472
Vulnerability from cvelistv5
Published
2022-06-30 16:50
Modified
2024-09-17 00:00
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596907 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225340 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Plus |
Version: 10.1.5 Version: 10.1.7 Version: 10.1.10.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.311Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596907" }, { "name": "ibm-spectrum-cve202222472-priv-escalation (225340)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225340" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Plus", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.1.5" }, { "status": "affected", "version": "10.1.7" }, { "status": "affected", "version": "10.1.10.2" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/I:L/UI:N/A:L/C:L/AC:H/S:C/AV:N/PR:L/RC:C/E:U/RL:O", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Gain Privileges", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:50:27", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596907" }, { "name": "ibm-spectrum-cve202222472-priv-escalation (225340)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225340" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22472", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Plus", "version": { "version_data": [ { "version_value": "10.1.5" }, { "version_value": "10.1.7" }, { "version_value": "10.1.10.2" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340." } ] }, "impact": { "cvssv3": { "BM": { "A": "L", "AC": "H", "AV": "N", "C": "L", "I": "L", "PR": "L", "S": "C", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Gain Privileges" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596907", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596907 (Spectrum Protect Plus)", "url": "https://www.ibm.com/support/pages/node/6596907" }, { "name": "ibm-spectrum-cve202222472-priv-escalation (225340)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225340" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22472", "datePublished": "2022-06-30T16:50:27.426534Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-17T00:00:55.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-28950
Vulnerability from cvelistv5
Published
2021-03-20 19:55
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
References
▼ | URL | Tags |
---|---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed | x_refsource_MISC | |
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:55:12.189Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8" }, { "name": "FEDORA-2021-f0181b8085", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/" }, { "name": "FEDORA-2021-e49da8a226", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A \"stall on CPU\" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-10T02:06:51", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8" }, { "name": "FEDORA-2021-f0181b8085", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/" }, { "name": "FEDORA-2021-e49da8a226", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-28950", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A \"stall on CPU\" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed" }, { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8" }, { "name": "FEDORA-2021-f0181b8085", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/" }, { "name": "FEDORA-2021-e49da8a226", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-28950", "datePublished": "2021-03-20T19:55:16", "dateReserved": "2021-03-20T00:00:00", "dateUpdated": "2024-08-03T21:55:12.189Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4002
Vulnerability from cvelistv5
Published
2022-03-03 21:42
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2025726 | x_refsource_MISC | |
https://www.openwall.com/lists/oss-security/2021/11/25/1 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:03.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2021/11/25/1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "affects kernel v3.6 and later through v5.15.5." } ] } ], "descriptions": [ { "lang": "en", "value": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-459", "description": "CWE-459", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:42:37", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.openwall.com/lists/oss-security/2021/11/25/1" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "affects kernel v3.6 and later through v5.15.5." } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-459" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726" }, { "name": "https://www.openwall.com/lists/oss-security/2021/11/25/1", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2021/11/25/1" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4002", "datePublished": "2022-03-03T21:42:47", "dateReserved": "2021-11-22T00:00:00", "dateUpdated": "2024-08-03T17:16:03.279Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-35550
Vulnerability from cvelistv5
Published
2021-10-20 10:49
Modified
2024-08-04 00:40
Severity ?
EPSS score ?
Summary
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Java SE JDK and JRE |
Version: Java SE:7u311 Version: Java SE:8u301 Version: Java SE:11.0.12 Version: Oracle GraalVM Enterprise Edition:20.3.3 Version: Oracle GraalVM Enterprise Edition:21.2.0 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-35550", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-24T14:29:28.454778Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-24T14:30:11.763Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T00:40:46.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "name": "FEDORA-2021-35145352b0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "name": "FEDORA-2021-7701833090", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "name": "FEDORA-2021-9a51a6f8b1", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" }, { "name": "FEDORA-2021-1cc8ffd122", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "name": "FEDORA-2021-eb3e3e87d3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "name": "FEDORA-2021-107c8c5063", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "name": "DSA-5000", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "name": "GLSA-202209-05", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Java SE JDK and JRE", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "Java SE:7u311" }, { "status": "affected", "version": "Java SE:8u301" }, { "status": "affected", "version": "Java SE:11.0.12" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:20.3.3" }, { "status": "affected", "version": "Oracle GraalVM Enterprise Edition:21.2.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:06:58.485392", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "name": "FEDORA-2021-35145352b0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "name": "FEDORA-2021-7701833090", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "name": "FEDORA-2021-9a51a6f8b1", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" }, { "name": "FEDORA-2021-1cc8ffd122", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "name": "FEDORA-2021-eb3e3e87d3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "name": "FEDORA-2021-107c8c5063", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "name": "DSA-5000", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "name": "[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "name": "GLSA-202209-05", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2021-35550", "datePublished": "2021-10-20T10:49:59", "dateReserved": "2021-06-28T00:00:00", "dateUpdated": "2024-08-04T00:40:46.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-1011
Vulnerability from cvelistv5
Published
2022-03-18 00:00
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:43.229Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855" }, { "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html" }, { "name": "DSA-5173", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5173" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel 5.16-rc8" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free flaw was found in the Linux kernel\u2019s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064855" }, { "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html" }, { "name": "DSA-5173", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5173" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1011", "datePublished": "2022-03-18T00:00:00", "dateReserved": "2022-03-17T00:00:00", "dateUpdated": "2024-08-02T23:47:43.229Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4157
Vulnerability from cvelistv5
Published
2022-03-25 18:02
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2034342 | x_refsource_MISC | |
https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/ | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220602-0007/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.290Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220602-0007/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.13-rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:43:17", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lore.kernel.org/lkml/20210517140244.822185482%40linuxfoundation.org/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220602-0007/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4157", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.13-rc1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034342" }, { "name": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/", "refsource": "MISC", "url": "https://lore.kernel.org/lkml/20210517140244.822185482@linuxfoundation.org/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220602-0007/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220602-0007/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4157", "datePublished": "2022-03-25T18:02:43", "dateReserved": "2021-12-22T00:00:00", "dateUpdated": "2024-08-03T17:16:04.290Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-45486
Vulnerability from cvelistv5
Published
2021-12-25 01:04
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
References
▼ | URL | Tags |
---|---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 | x_refsource_MISC | |
https://arxiv.org/pdf/2112.09604.pdf | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:39:21.222Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:42:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45486", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4" }, { "name": "https://arxiv.org/pdf/2112.09604.pdf", "refsource": "MISC", "url": "https://arxiv.org/pdf/2112.09604.pdf" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-45486", "datePublished": "2021-12-25T01:04:27", "dateReserved": "2021-12-25T00:00:00", "dateUpdated": "2024-08-04T04:39:21.222Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22474
Vulnerability from cvelistv5
Published
2022-06-30 16:25
Modified
2024-09-16 17:07
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596741 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225348 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Client |
Version: 8.1.0.0 Version: 8.1.14.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.264Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222474-dos (225348)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225348" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Client", "vendor": "IBM", "versions": [ { "status": "affected", "version": "8.1.0.0" }, { "status": "affected", "version": "8.1.14.0" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/A:H/S:U/AV:N/UI:N/AC:H/C:N/I:N/PR:N/RC:C/E:U/RL:O", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:25:16", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222474-dos (225348)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225348" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22474", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Client", "version": { "version_data": [ { "version_value": "8.1.0.0" }, { "version_value": "8.1.14.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348." } ] }, "impact": { "cvssv3": { "BM": { "A": "H", "AC": "H", "AV": "N", "C": "N", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of Service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596741", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596741 (Spectrum Protect Client)", "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222474-dos (225348)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225348" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22474", "datePublished": "2022-06-30T16:25:16.784364Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T17:07:59.406Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-20321
Vulnerability from cvelistv5
Published
2022-02-18 17:50
Modified
2024-08-03 17:37
Severity ?
EPSS score ?
Summary
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2013242 | x_refsource_MISC | |
https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/ | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:37:23.681Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013242" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.15-rc5" } ] } ], "descriptions": [ { "lang": "en", "value": "A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-362", "description": "CWE-362", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-10T02:06:57", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013242" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2022/dsa-5096" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-20321", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.15-rc5" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-362" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2013242", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013242" }, { "name": "https://lore.kernel.org/all/20211011134508.748956131@linuxfoundation.org/", "refsource": "MISC", "url": "https://lore.kernel.org/all/20211011134508.748956131@linuxfoundation.org/" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5096" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-20321", "datePublished": "2022-02-18T17:50:44", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:37:23.681Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-21781
Vulnerability from cvelistv5
Published
2021-08-18 14:37
Modified
2024-08-03 18:23
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
References
▼ | URL | Tags |
---|---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243 | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Linux Kernel |
Version: Linux Kernel v5.4.54, Linux Kernel v5.4.66 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:23:29.351Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Linux Kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux Kernel v5.4.54, Linux Kernel v5.4.66" } ] } ], "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u2019s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11" } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-908", "description": "CWE-908: Use of Uninitialized Resource", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:24:43", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "ID": "CVE-2021-21781", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Linux Kernel", "version": { "version_data": [ { "version_value": "Linux Kernel v5.4.54, Linux Kernel v5.4.66" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u2019s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11" } ] }, "impact": { "cvss": { "baseScore": 4, "baseSeverity": "Medium", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-908: Use of Uninitialized Resource" } ] } ] }, "references": { "reference_data": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2021-21781", "datePublished": "2021-08-18T14:37:46", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2024-08-03T18:23:29.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22478
Vulnerability from cvelistv5
Published
2022-06-30 16:25
Modified
2024-09-16 20:32
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596741 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225886 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Client |
Version: 8.1.0.0 Version: 8.1.14.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.176Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222478-info-disc (225886)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225886" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Client", "vendor": "IBM", "versions": [ { "status": "affected", "version": "8.1.0.0" }, { "status": "affected", "version": "8.1.14.0" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.4, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/C:H/I:N/PR:N/AV:L/AC:L/UI:N/S:U/A:N/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:25:21", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222478-info-disc (225886)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225886" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22478", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Client", "version": { "version_data": [ { "version_value": "8.1.0.0" }, { "version_value": "8.1.14.0" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "L", "AV": "L", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596741", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596741 (Spectrum Protect Client)", "url": "https://www.ibm.com/support/pages/node/6596741" }, { "name": "ibm-spectrum-cve202222478-info-disc (225886)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/225886" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22478", "datePublished": "2022-06-30T16:25:21.094393Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T20:32:09.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22496
Vulnerability from cvelistv5
Published
2022-06-30 16:25
Modified
2024-09-17 01:15
Severity ?
EPSS score ?
Summary
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596881 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/226942 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Server |
Version: 8.1.0.000 Version: 8.1.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222496-info-disc (226942)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226942" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "8.1.0.000" }, { "status": "affected", "version": "8.1.14" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 4.6, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/A:N/S:U/C:H/PR:N/I:N/AV:A/UI:N/AC:H/RC:C/E:U/RL:O", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:25:31", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222496-info-disc (226942)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226942" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22496", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Server", "version": { "version_data": [ { "version_value": "8.1.0.000" }, { "version_value": "8.1.14" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "A", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596881", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596881 (Spectrum Protect Server)", "url": "https://www.ibm.com/support/pages/node/6596881" }, { "name": "ibm-spectrum-cve202222496-info-disc (226942)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226942" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22496", "datePublished": "2022-06-30T16:25:31.669987Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-17T01:15:47.167Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-4154
Vulnerability from cvelistv5
Published
2022-02-04 22:29
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2034514 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b | x_refsource_MISC | |
https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002 | x_refsource_MISC | |
https://security.netapp.com/advisory/ntap-20220225-0004/ | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034514" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in kernel 5.14 rc2" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel\u0027s cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-25T09:06:07", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034514" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220225-0004/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4154", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "Fixed in kernel 5.14 rc2" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel\u0027s cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-416" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034514", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034514" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b" }, { "name": "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002", "refsource": "MISC", "url": "https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002" }, { "name": "https://security.netapp.com/advisory/ntap-20220225-0004/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220225-0004/" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4154", "datePublished": "2022-02-04T22:29:17", "dateReserved": "2021-12-22T00:00:00", "dateUpdated": "2024-08-03T17:16:04.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-29650
Vulnerability from cvelistv5
Published
2021-03-30 20:35
Modified
2024-08-03 22:11
Severity ?
EPSS score ?
Summary
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.
References
▼ | URL | Tags |
---|---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11 | x_refsource_MISC | |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html | mailing-list, x_refsource_MLIST | |
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | mailing-list, x_refsource_MLIST |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:11:06.356Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1" }, { "name": "FEDORA-2021-41fb54ae9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/" }, { "name": "FEDORA-2021-6b0f287b8b", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/" }, { "name": "FEDORA-2021-2306e89112", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-23T01:07:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1" }, { "name": "FEDORA-2021-41fb54ae9f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/" }, { "name": "FEDORA-2021-6b0f287b8b", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/" }, { "name": "FEDORA-2021-2306e89112", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-29650", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11" }, { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1" }, { "name": "FEDORA-2021-41fb54ae9f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/" }, { "name": "FEDORA-2021-6b0f287b8b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/" }, { "name": "FEDORA-2021-2306e89112", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html" }, { "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-29650", "datePublished": "2021-03-30T20:35:47", "dateReserved": "2021-03-30T00:00:00", "dateUpdated": "2024-08-03T22:11:06.356Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-27536
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:32:58.690Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230309-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-09T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://groups.google.com/g/golang-announce" }, { "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8" }, { "name": "GLSA-202208-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202208-02" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf" }, { "url": "https://security.netapp.com/advisory/ntap-20230309-0001/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27536", "datePublished": "2022-04-20T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:32:58.690Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-0778
Vulnerability from cvelistv5
Published
2022-03-15 17:05
Modified
2024-09-17 00:01
Severity ?
EPSS score ?
Summary
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:40:03.765Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20220315.txt" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65" }, { "tags": [ "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "name": "DSA-5103", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5103" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" }, { "name": "FEDORA-2022-a5f51502f0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" }, { "name": "FEDORA-2022-9e88b5d8d7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" }, { "name": "FEDORA-2022-8bb51f6901", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220321-0002/" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-06" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-07" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-08" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213257" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213256" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT213255" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220429-0005/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf" }, { "name": "GLSA-202210-02", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc)" } ] } ], "credits": [ { "lang": "en", "value": "Tavis Ormandy (Google)" } ], "datePublic": "2022-03-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#High", "value": "High" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Infinite loop", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-21T19:07:01.186352", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "url": "https://www.openssl.org/news/secadv/20220315.txt" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65" }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "name": "DSA-5103", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5103" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" }, { "name": "FEDORA-2022-a5f51502f0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/" }, { "name": "FEDORA-2022-9e88b5d8d7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" }, { "name": "FEDORA-2022-8bb51f6901", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20220321-0002/" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" }, { "url": "https://www.tenable.com/security/tns-2022-06" }, { "url": "https://www.tenable.com/security/tns-2022-07" }, { "url": "https://www.tenable.com/security/tns-2022-08" }, { "name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://support.apple.com/kb/HT213257" }, { "url": "https://support.apple.com/kb/HT213256" }, { "url": "https://support.apple.com/kb/HT213255" }, { "url": "https://www.tenable.com/security/tns-2022-09" }, { "url": "https://security.netapp.com/advisory/ntap-20220429-0005/" }, { "url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf" }, { "name": "GLSA-202210-02", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "Infinite loop in BN_mod_sqrt() reachable when parsing certificates" } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2022-0778", "datePublished": "2022-03-15T17:05:20.382533Z", "dateReserved": "2022-02-28T00:00:00", "dateUpdated": "2024-09-17T00:01:02.190Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-22494
Vulnerability from cvelistv5
Published
2022-06-30 16:50
Modified
2024-09-16 23:11
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.
References
▼ | URL | Tags |
---|---|---|
https://www.ibm.com/support/pages/node/6596883 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/226940 | vdb-entry, x_refsource_XF |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | IBM | Spectrum Protect Operations Center |
Version: 8.1.0.000 Version: 8.1.14 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:14:55.353Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6596883" }, { "name": "ibm-spectrum-cve202222494-info-disc (226940)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226940" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Spectrum Protect Operations Center", "vendor": "IBM", "versions": [ { "status": "affected", "version": "8.1.0.000" }, { "status": "affected", "version": "8.1.14" } ] } ], "datePublic": "2022-06-29T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.2, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/PR:N/AV:N/S:U/AC:H/C:L/A:N/UI:N/I:N/E:U/RC:C/RL:O", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-30T16:50:34", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6596883" }, { "name": "ibm-spectrum-cve202222494-info-disc (226940)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226940" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2022-06-29T00:00:00", "ID": "CVE-2022-22494", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Spectrum Protect Operations Center", "version": { "version_data": [ { "version_value": "8.1.0.000" }, { "version_value": "8.1.14" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "N", "C": "L", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6596883", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6596883 (Spectrum Protect Operations Center)", "url": "https://www.ibm.com/support/pages/node/6596883" }, { "name": "ibm-spectrum-cve202222494-info-disc (226940)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226940" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-22494", "datePublished": "2022-06-30T16:50:34.927957Z", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2024-09-16T23:11:21.509Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.