Vulnerabilites related to oracle - communications_cloud_native_core_network_exposure_function
cve-2021-4203
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:04.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221111-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.15 rc4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362-\u003eCWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221111-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-4203",
"datePublished": "2022-03-25T00:00:00",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T17:16:04.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3752
Vulnerability from cvelistv5
Published
2022-02-16 18:35
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1999544 | x_refsource_MISC | |
| https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/ | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/09/15/4 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220318-0009/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220318-0009/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.15.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:37:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220318-0009/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.15.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"name": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/",
"refsource": "MISC",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/"
},
{
"name": "https://www.openwall.com/lists/oss-security/2021/09/15/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220318-0009/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220318-0009/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3752",
"datePublished": "2022-02-16T18:35:34",
"dateReserved": "2021-08-31T00:00:00",
"dateUpdated": "2024-08-03T17:09:08.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-1154
Vulnerability from cvelistv5
Published
2022-03-30 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5"
},
{
"name": "FEDORA-2022-d776fcfe60",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/"
},
{
"name": "FEDORA-2022-e62adccfca",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-32",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
},
{
"name": "GLSA-202305-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202305-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vim/vim",
"vendor": "vim",
"versions": [
{
"lessThan": "8.2.4646",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-03T00:00:00",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425"
},
{
"url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5"
},
{
"name": "FEDORA-2022-d776fcfe60",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/"
},
{
"name": "FEDORA-2022-e62adccfca",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-32",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"name": "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
},
{
"name": "GLSA-202305-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202305-16"
}
],
"source": {
"advisory": "7f0ec6bc-ea0e-45b0-8128-caac72d23425",
"discovery": "EXTERNAL"
},
"title": "Use after free in utf_ptr2char in vim/vim"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1154",
"datePublished": "2022-03-30T00:00:00",
"dateReserved": "2022-03-29T00:00:00",
"dateUpdated": "2024-08-02T23:55:24.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45485
Vulnerability from cvelistv5
Published
2021-12-25 01:05
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 | x_refsource_MISC | |
| https://arxiv.org/pdf/2112.09604.pdf | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220121-0001/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.141Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:42:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"
},
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220121-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220121-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45485",
"datePublished": "2021-12-25T01:05:07",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3612
Vulnerability from cvelistv5
Published
2021-07-09 10:33
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1974079 | x_refsource_MISC | |
| https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/ | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20210805-0005/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.9-rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20-\u003eCWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:36:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.9-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"name": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/",
"refsource": "MISC",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/"
},
{
"name": "FEDORA-2021-a95108d156",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3612",
"datePublished": "2021-07-09T10:33:16",
"dateReserved": "2021-06-21T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45486
Vulnerability from cvelistv5
Published
2021-12-25 01:04
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 | x_refsource_MISC | |
| https://arxiv.org/pdf/2112.09604.pdf | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:21.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:42:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4"
},
{
"name": "https://arxiv.org/pdf/2112.09604.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45486",
"datePublished": "2021-12-25T01:04:27",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:39:21.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22963
Vulnerability from cvelistv5
Published
2022-04-01 00:00
Modified
2025-01-29 17:53
Severity ?
EPSS score ?
Summary
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Spring Cloud Function |
Version: Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"name": "20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22963",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:53:06.523275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-08-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-22963"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T17:53:21.759Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Spring Cloud Function",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"name": "20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22963",
"datePublished": "2022-04-01T00:00:00.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-01-29T17:53:21.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3773
Vulnerability from cvelistv5
Published
2022-02-16 18:35
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-3773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T18:42:22.968093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T18:42:34.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.14.0-49.el9, kernel 5.15.15-100.fc34, kernel 5.15.15-200.fc35"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T17:46:43.260919",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3773",
"datePublished": "2022-02-16T18:35:30",
"dateReserved": "2021-09-06T00:00:00",
"dateUpdated": "2024-08-03T17:09:08.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-4002
Vulnerability from cvelistv5
Published
2022-03-03 21:42
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2025726 | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/11/25/1 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:03.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "affects kernel v3.6 and later through v5.15.5."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "CWE-459",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:42:37",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "affects kernel v3.6 and later through v5.15.5."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-459"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"name": "https://www.openwall.com/lists/oss-security/2021/11/25/1",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-4002",
"datePublished": "2022-03-03T21:42:47",
"dateReserved": "2021-11-22T00:00:00",
"dateUpdated": "2024-08-03T17:16:03.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-25636
Vulnerability from cvelistv5
Published
2022-02-22 01:41
Modified
2024-08-03 04:42
Severity ?
EPSS score ?
Summary
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.openwall.com/lists/oss-security/2022/02/21/2 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/02/22/1 | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5095 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ | x_refsource_MISC | |
| https://github.com/Bonfee/CVE-2022-25636 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220325-0002/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/02/21/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6"
},
{
"name": "[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/22/1"
},
{
"name": "DSA-5095",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5095"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Bonfee/CVE-2022-25636"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:53:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2022/02/21/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6"
},
{
"name": "[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/22/1"
},
{
"name": "DSA-5095",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5095"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Bonfee/CVE-2022-25636"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-25636",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2022/02/21/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2022/02/21/2"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6"
},
{
"name": "[oss-security] 20220222 Re: Linux kernel: heap out of bounds write in nf_dup_netdev.c since 5.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/02/22/1"
},
{
"name": "DSA-5095",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5095"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/",
"refsource": "MISC",
"url": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/"
},
{
"name": "https://github.com/Bonfee/CVE-2022-25636",
"refsource": "MISC",
"url": "https://github.com/Bonfee/CVE-2022-25636"
},
{
"name": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220325-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220325-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-25636",
"datePublished": "2022-02-22T01:41:05",
"dateReserved": "2022-02-22T00:00:00",
"dateUpdated": "2024-08-03T04:42:50.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3737
Vulnerability from cvelistv5
Published
2022-03-04 00:00
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugs.python.org/issue44022"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/python/cpython/pull/25916"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/python/cpython/pull/26503"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2021-3737"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0009/"
},
{
"name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
},
{
"name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "python",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in python v3.6.14, python v3.7.11, python v3.8.11, python v3.9.6, python v3.10.0b2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 - Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027), CWE-400 - Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugs.python.org/issue44022"
},
{
"url": "https://github.com/python/cpython/pull/25916"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162"
},
{
"url": "https://github.com/python/cpython/pull/26503"
},
{
"url": "https://ubuntu.com/security/CVE-2021-3737"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220407-0009/"
},
{
"name": "[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
},
{
"name": "[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3737",
"datePublished": "2022-03-04T00:00:00",
"dateReserved": "2021-08-26T00:00:00",
"dateUpdated": "2024-08-03T17:01:08.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27820
Vulnerability from cvelistv5
Published
2021-11-02 23:26
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1901726 | x_refsource_MISC | |
| https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/ | x_refsource_MISC | |
| https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/ | x_refsource_MISC | |
| https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/ | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:43.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "to be fixed in RHEL-9 release"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:16:46",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-27820",
"datePublished": "2021-11-02T23:26:20",
"dateReserved": "2020-10-27T00:00:00",
"dateUpdated": "2024-08-04T16:25:43.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3772
Vulnerability from cvelistv5
Published
2022-03-02 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:08.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2021-3772"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in linux kernel v5.15 and above"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 - Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"url": "https://ubuntu.com/security/CVE-2021-3772"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3772",
"datePublished": "2022-03-02T00:00:00",
"dateReserved": "2021-09-06T00:00:00",
"dateUpdated": "2024-08-03T17:09:08.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-4083
Vulnerability from cvelistv5
Published
2022-01-18 16:51
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2029923 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220217-0005/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:03.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220217-0005/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.16-rc4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:42:48",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220217-0005/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-4083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.16-rc4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220217-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220217-0005/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-4083",
"datePublished": "2022-01-18T16:51:46",
"dateReserved": "2021-12-09T00:00:00",
"dateUpdated": "2024-08-03T17:16:03.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0001
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"name": "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"name": "VU#155143",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/155143"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T15:05:59.454262",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"name": "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"name": "VU#155143",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/155143"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-0001",
"datePublished": "2022-03-11T00:00:00",
"dateReserved": "2021-10-15T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-4788
Vulnerability from cvelistv5
Published
2020-11-20 03:45
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6370729 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/189296 | vdb-entry, x_refsource_XF | |
| http://www.openwall.com/lists/oss-security/2020/11/20/3 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2020/11/23/1 | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:14:57.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6370729"
},
{
"name": "ibm-i-cve20204788-info-disc (189296)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"name": "[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/20/3"
},
{
"name": "[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/1"
},
{
"name": "FEDORA-2020-4700a73bd5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/"
},
{
"name": "FEDORA-2020-8c15928d23",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VIOS",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "3.1"
}
]
},
{
"product": "AIX",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
}
]
}
],
"datePublic": "2020-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 4.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/PR:N/C:H/AV:L/AC:H/S:U/A:N/I:N/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:22:49",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/6370729"
},
{
"name": "ibm-i-cve20204788-info-disc (189296)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"name": "[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/20/3"
},
{
"name": "[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/1"
},
{
"name": "FEDORA-2020-4700a73bd5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/"
},
{
"name": "FEDORA-2020-8c15928d23",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-11-19T00:00:00",
"ID": "CVE-2020-4788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VIOS",
"version": {
"version_data": [
{
"version_value": "3.1"
}
]
}
},
{
"product_name": "AIX",
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "7.2"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "H",
"AV": "L",
"C": "H",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6370729",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6370729 (AIX)",
"url": "https://www.ibm.com/support/pages/node/6370729"
},
{
"name": "ibm-i-cve20204788-info-disc (189296)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"name": "[oss-security] 20201120 CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/11/20/3"
},
{
"name": "[oss-security] 20201123 Re: CVE-2020-4788: Speculation on incompletely validated data on IBM Power9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/1"
},
{
"name": "FEDORA-2020-4700a73bd5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/"
},
{
"name": "FEDORA-2020-8c15928d23",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2020-4788",
"datePublished": "2020-11-20T03:45:13.599036Z",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-09-16T19:05:08.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0286
Vulnerability from cvelistv5
Published
2022-01-31 15:57
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:44:23",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-0286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
},
{
"name": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626",
"refsource": "MISC",
"url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-0286",
"datePublished": "2022-01-31T15:57:34",
"dateReserved": "2022-01-19T00:00:00",
"dateUpdated": "2024-08-02T23:25:40.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22947
Vulnerability from cvelistv5
Published
2022-03-03 00:00
Modified
2025-01-29 17:54
Severity ?
EPSS score ?
Summary
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Spring Cloud Gateway |
Version: Spring cloud gateway versions 3.1.x prior to 3.1.1+, 3.0.x prior to 3.0.7+ and all old and unsupported versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22947"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22947",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:53:56.180900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-16",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-22947"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T17:54:00.963Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Spring Cloud Gateway",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Spring cloud gateway versions 3.1.x prior to 3.1.1+, 3.0.x prior to 3.0.7+ and all old and unsupported versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://tanzu.vmware.com/security/cve-2022-22947"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22947",
"datePublished": "2022-03-03T00:00:00.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-01-29T17:54:00.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21781
Vulnerability from cvelistv5
Published
2021-08-18 14:37
Modified
2024-08-03 18:23
Severity ?
EPSS score ?
Summary
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
References
| ▼ | URL | Tags |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Linux Kernel |
Version: Linux Kernel v5.4.54, Linux Kernel v5.4.66 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:23:29.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux Kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux Kernel v5.4.54, Linux Kernel v5.4.66"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u2019s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908: Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:24:43",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2021-21781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux Kernel",
"version": {
"version_data": [
{
"version_value": "Linux Kernel v5.4.54, Linux Kernel v5.4.66"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u2019s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11"
}
]
},
"impact": {
"cvss": {
"baseScore": 4,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908: Use of Uninitialized Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2021-21781",
"datePublished": "2021-08-18T14:37:46",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:23:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-42739
Vulnerability from cvelistv5
Published
2021-10-20 00:00
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2021/q2/46"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220804-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-24T22:50:38.096026",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e"
},
{
"url": "https://seclists.org/oss-sec/2021/q2/46"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220804-0001/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42739",
"datePublished": "2021-10-20T00:00:00",
"dateReserved": "2021-10-20T00:00:00",
"dateUpdated": "2024-08-04T03:38:50.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3744
Vulnerability from cvelistv5
Published
2022-03-04 15:55
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"name": "FEDORA-2021-79cbbefebe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
},
{
"name": "FEDORA-2021-ffda3d6fa1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"name": "FEDORA-2021-9dd76a1ed0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2021/q3/164"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in v5.15-rc4 and above."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:36:48",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"name": "FEDORA-2021-79cbbefebe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
},
{
"name": "FEDORA-2021-ffda3d6fa1",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"name": "FEDORA-2021-9dd76a1ed0",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/oss-sec/2021/q3/164"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3744",
"datePublished": "2022-03-04T15:55:17",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-03T17:01:08.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-37159
Vulnerability from cvelistv5
Published
2021-07-21 00:00
Modified
2024-08-04 01:16
Severity ?
EPSS score ?
Summary
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1188601"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-25T00:39:31.348800",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
},
{
"name": "[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210819-0003/"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1188601"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37159",
"datePublished": "2021-07-21T00:00:00",
"dateReserved": "2021-07-21T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3743
Vulnerability from cvelistv5
Published
2022-03-04 15:52
Modified
2024-08-03 17:01
Severity ?
EPSS score ?
Summary
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1997961 | x_refsource_MISC | |
| https://lists.openwall.net/netdev/2021/08/17/124 | x_refsource_MISC | |
| https://www.openwall.com/lists/oss-security/2021/08/27/2 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117 | x_refsource_MISC | |
| https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220407-0007/ | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects linux kernel v5.14.0-rc6 and above."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 - Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:36:35",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3743",
"datePublished": "2022-03-04T15:52:55",
"dateReserved": "2021-08-27T00:00:00",
"dateUpdated": "2024-08-03T17:01:08.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0322
Vulnerability from cvelistv5
Published
2022-03-25 18:02
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2042822 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.15 rc6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:44:33",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-0322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.15 rc6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-681"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-0322",
"datePublished": "2022-03-25T18:02:58",
"dateReserved": "2022-01-20T00:00:00",
"dateUpdated": "2024-08-02T23:25:40.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0002
Vulnerability from cvelistv5
Published
2022-03-11 17:54
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/03/18/2 | mailing-list, x_refsource_MLIST | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220818-0004/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Processors |
Version: See references |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"name": "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " information disclosure ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T14:09:32",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"name": "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-0002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Processors",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": " information disclosure "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"name": "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220818-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-0002",
"datePublished": "2022-03-11T17:54:36",
"dateReserved": "2021-10-15T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22965
Vulnerability from cvelistv5
Published
2022-04-01 22:17
Modified
2025-01-29 17:52
Severity ?
EPSS score ?
Summary
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tanzu.vmware.com/security/cve-2022-22965 | x_refsource_MISC | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 | vendor-advisory, x_refsource_CISCO | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC | |
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005 | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Spring Framework |
Version: Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/970766"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22965"
},
{
"name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22965",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:52:10.886552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-04-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-22965"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T17:52:44.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Spring Framework",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:46:59.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22965"
},
{
"name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Framework",
"version": {
"version_data": [
{
"version_value": "Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tanzu.vmware.com/security/cve-2022-22965",
"refsource": "MISC",
"url": "https://tanzu.vmware.com/security/cve-2022-22965"
},
{
"name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"name": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22965",
"datePublished": "2022-04-01T22:17:30.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-01-29T17:52:44.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43818
Vulnerability from cvelistv5
Published
2021-12-13 18:05
Modified
2024-08-04 04:03
Severity ?
EPSS score ?
Summary
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"
},
{
"name": "FEDORA-2021-6e8fb79f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/"
},
{
"name": "FEDORA-2021-9f9e7c5c4f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/"
},
{
"name": "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"
},
{
"name": "DSA-5043",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5043"
},
{
"name": "FEDORA-2022-96c79bf003",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/"
},
{
"name": "FEDORA-2022-7129fbaeed",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220107-0005/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "lxml",
"vendor": "lxml",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T05:06:57",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"
},
{
"name": "FEDORA-2021-6e8fb79f90",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/"
},
{
"name": "FEDORA-2021-9f9e7c5c4f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/"
},
{
"name": "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"
},
{
"name": "DSA-5043",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5043"
},
{
"name": "FEDORA-2022-96c79bf003",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/"
},
{
"name": "FEDORA-2022-7129fbaeed",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220107-0005/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-06"
}
],
"source": {
"advisory": "GHSA-55x5-fj6c-h6m8",
"discovery": "UNKNOWN"
},
"title": "HTML Cleaner allows crafted and SVG embedded scripts to pass through",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43818",
"STATE": "PUBLIC",
"TITLE": "HTML Cleaner allows crafted and SVG embedded scripts to pass through"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "lxml",
"version": {
"version_data": [
{
"version_value": "\u003c 4.6.5"
}
]
}
}
]
},
"vendor_name": "lxml"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8",
"refsource": "CONFIRM",
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"
},
{
"name": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a",
"refsource": "MISC",
"url": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"
},
{
"name": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776",
"refsource": "MISC",
"url": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"
},
{
"name": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0",
"refsource": "MISC",
"url": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"
},
{
"name": "FEDORA-2021-6e8fb79f90",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/"
},
{
"name": "FEDORA-2021-9f9e7c5c4f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/"
},
{
"name": "[debian-lts-announce] 20211230 [SECURITY] [DLA 2871-1] lxml security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"
},
{
"name": "DSA-5043",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5043"
},
{
"name": "FEDORA-2022-96c79bf003",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/"
},
{
"name": "FEDORA-2022-7129fbaeed",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220107-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220107-0005/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-06"
}
]
},
"source": {
"advisory": "GHSA-55x5-fj6c-h6m8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43818",
"datePublished": "2021-12-13T18:05:12",
"dateReserved": "2021-11-16T00:00:00",
"dateUpdated": "2024-08-04T04:03:08.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43976
Vulnerability from cvelistv5
Published
2021-11-17 00:00
Modified
2024-08-04 04:10
Severity ?
EPSS score ?
Summary
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:10:17.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+%40Zekuns-MBP-16.fios-router.home/"
},
{
"name": "FEDORA-2021-eab8c5a263",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/"
},
{
"name": "FEDORA-2021-c09b851eb0",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/"
},
{
"name": "DSA-5092",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-25T00:39:33.878998",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+%40Zekuns-MBP-16.fios-router.home/"
},
{
"name": "FEDORA-2021-eab8c5a263",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/"
},
{
"name": "FEDORA-2021-c09b851eb0",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/"
},
{
"name": "DSA-5092",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211210-0001/"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43976",
"datePublished": "2021-11-17T00:00:00",
"dateReserved": "2021-11-17T00:00:00",
"dateUpdated": "2024-08-04T04:10:17.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-20322
Vulnerability from cvelistv5
Published
2022-02-18 17:50
Modified
2024-08-03 17:37
Severity ?
EPSS score ?
Summary
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:37:23.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220303-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kernel 5.15-rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:24:33",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220303-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-20322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.15-rc1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-330"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220303-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220303-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-20322",
"datePublished": "2022-02-18T17:50:45",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:37:23.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-43389
Vulnerability from cvelistv5
Published
2021-11-04 18:39
Modified
2024-08-04 03:55
Severity ?
EPSS score ?
Summary
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15 | x_refsource_MISC | |
| https://seclists.org/oss-sec/2021/q4/39 | x_refsource_MISC | |
| https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d | x_refsource_MISC | |
| https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/ | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2021/11/05/1 | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5096 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2013180 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:28.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2021/q4/39"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/"
},
{
"name": "[oss-security] 20211105 Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/11/05/1"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:40:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/oss-sec/2021/q4/39"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/"
},
{
"name": "[oss-security] 20211105 Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/11/05/1"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15"
},
{
"name": "https://seclists.org/oss-sec/2021/q4/39",
"refsource": "MISC",
"url": "https://seclists.org/oss-sec/2021/q4/39"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"name": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/",
"refsource": "MISC",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA@mail.gmail.com/"
},
{
"name": "[oss-security] 20211105 Re: Linux kernel: isdn: cpai: array-index-out-of-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/11/05/1"
},
{
"name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"name": "DSA-5096",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43389",
"datePublished": "2021-11-04T18:39:06",
"dateReserved": "2021-11-04T00:00:00",
"dateUpdated": "2024-08-04T03:55:28.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-0404
Vulnerability from cvelistv5
Published
2020-09-17 15:20
Modified
2024-08-04 06:02
Severity ?
EPSS score ?
Summary
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2020-09-01 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html | vendor-advisory, x_refsource_SUSE | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:02:51.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2020-09-01"
},
{
"name": "openSUSE-SU-2020:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"
},
{
"name": "openSUSE-SU-2020:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:13:25",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2020-09-01"
},
{
"name": "openSUSE-SU-2020:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"
},
{
"name": "openSUSE-SU-2020:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2020-0404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2020-09-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2020-09-01"
},
{
"name": "openSUSE-SU-2020:1586",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"
},
{
"name": "openSUSE-SU-2020:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2020-0404",
"datePublished": "2020-09-17T15:20:11",
"dateReserved": "2019-10-17T00:00:00",
"dateUpdated": "2024-08-04T06:02:51.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-03-04 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98AE93B0-882A-42C5-B3A4-8B4D810AB111",
"versionEndExcluding": "3.6.14",
"versionStartIncluding": "3.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63D83236-D590-43D4-82C0-B0C656E02A29",
"versionEndExcluding": "3.7.11",
"versionStartIncluding": "3.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAFF8F2-FA7C-4FFA-B592-E37EF28D6B59",
"versionEndExcluding": "3.8.11",
"versionStartIncluding": "3.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB31E875-FA80-4218-A3F8-AAE776154BCE",
"versionEndExcluding": "3.9.6",
"versionStartIncluding": "3.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93A089E2-D66E-455C-969A-3140D991BAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A8B1-AC09-4C2D-8C7A-8D4AA10CB8FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F48D0CB-CB06-4456-B918-6549BC6C7892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF1C1CC-3FAE-4DE3-BC41-E5B14D5721F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:netapp_xcp_smb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "942ECEE4-7656-4DA0-BCFA-35716D59D563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:xcp_nfs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A80879E7-715E-42A8-BA1C-3DE577CA584C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en python. Una respuesta HTTP manejada inapropiadamente en el c\u00f3digo del cliente HTTP de python puede permitir a un atacante remoto, que controle el servidor HTTP, hacer que el script del cliente entre en un bucle infinito, consumiendo tiempo de CPU. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema"
}
],
"id": "CVE-2021-3737",
"lastModified": "2024-11-21T06:22:17.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-04T19:15:08.730",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.python.org/issue44022"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/python/cpython/pull/25916"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/python/cpython/pull/26503"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0009/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://ubuntu.com/security/CVE-2021-3737"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.python.org/issue44022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/python/cpython/pull/25916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/python/cpython/pull/26503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://ubuntu.com/security/CVE-2021-3737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
},
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-04 16:15
Modified
2024-11-21 06:22
Severity ?
Summary
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.14 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| fedoraproject | fedora | 34 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "922F737F-0C17-48D2-AA8C-7388C792B55E",
"versionEndExcluding": "5.17",
"versionStartExcluding": "5.14.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:*",
"matchCriteriaId": "15013998-4AF0-4CDC-AB13-829ECD8A8E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"matchCriteriaId": "A59F7FD3-F505-48BD-8875-F07A33F42F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability."
},
{
"lang": "es",
"value": "Se ha encontrado un defecto de lectura de memoria fuera de l\u00edmites (OOB) en el protocolo de router Qualcomm IPC en el kernel de Linux. Una falta de comprobaci\u00f3n de saneo permite a un atacante local conseguir acceso de memoria fuera de l\u00edmites, conllevando a un bloqueo del sistema o un filtrado de informaci\u00f3n interna del kernel. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema"
}
],
"id": "CVE-2021-3743",
"lastModified": "2024-11-21T06:22:18.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-04T16:15:08.547",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-09 11:15
Modified
2024-11-21 06:21
Severity ?
Summary
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9CA5EDA-9CA4-49FA-AF86-7B150825868E",
"versionEndExcluding": "5.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de escritura en memoria fuera de l\u00edmites en el kernel de Linux joystick devices subsystem en versiones anteriores a 5.9-rc1, en la manera en que el usuario llama a la ioctl JSIOCSBTNMAP. Este fallo permite a un usuario local bloquear el sistema o posiblemente escalar sus privilegios en el sistema. La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad y la disponibilidad del sistema"
}
],
"id": "CVE-2021-3612",
"lastModified": "2024-11-21T06:21:58.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-09T11:15:09.457",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"source": "secalert@redhat.com",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-21 15:16
Modified
2024-11-21 06:14
Severity ?
Summary
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| debian | debian_linux | 9.0 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDD470E-22A5-4E39-ACB1-68E284E7EC32",
"versionEndIncluding": "5.13.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free."
},
{
"lang": "es",
"value": "la funci\u00f3n hso_free_net_device en el archivo drivers/net/usb/hso.c en el kernel de Linux versiones hasta 5.13.4 llama a unregister_netdev sin comprobar el estado NETREG_REGISTERED, conllevando a un uso de memoria previamente liberada y un double free"
}
],
"id": "CVE-2021-37159",
"lastModified": "2024-11-21T06:14:45.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-21T15:16:20.777",
"references": [
{
"source": "cve@mitre.org",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1188601"
},
{
"source": "cve@mitre.org",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca"
},
{
"source": "cve@mitre.org",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1188601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210819-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.spinics.net/lists/linux-usb/msg202228.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
},
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-01 23:15
Modified
2025-01-29 18:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
References
Impacted products
{
"cisaActionDue": "2022-04-25",
"cisaExploitAdd": "2022-04-04",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7417ECB4-3391-4273-9DAF-C9C82220CEA8",
"versionEndExcluding": "5.2.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5049322E-FFAA-4CAA-B794-63539EA4E6D7",
"versionEndExcluding": "5.3.18",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19F22333-401B-4DB1-A63D-622FA54C2BA9",
"versionStartIncluding": "9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cx_cloud_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA44823-E5F1-4922-BCCA-13BEB49C017B",
"versionEndExcluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4CA84D6-F312-4C29-A02B-050FCB7A902B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF6C109-E3D3-431C-8101-2FF88763CF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAB7154-4DE8-4806-86D0-C1D33B84417B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BB2213-08E7-497F-B672-556FD682D122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E24426EE-6A3F-413E-A70A-FB98CCD007A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A5B24D-BDF2-423C-98EA-A40778C01A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B61A7946-F554-44A9-9E41-86114E4B4914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA09838-BF13-46AC-BB97-A69F48B73A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D163AA57-1D66-4FBF-A8BB-F13E56E5C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6577F14-36B6-46A5-A1B1-FCCADA61A23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0425918A-03F1-4541-BDEF-55B03E07E115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D235B299-9A0E-44FF-84F1-2FFBC070A21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EAA723-2A23-4151-930B-86ACF9CC1C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2E50B0-64B6-4696-9213-F5D9016058A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02AEDB9F-1040-4840-ACB6-8BF299886ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41C2C67B-BF55-4B48-A94D-1F37A4FAC68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "172BECE8-9626-4910-AAA1-A2FA9C7139E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B3A10E-70A8-4332-8567-06AE2C45D3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "059F0D4E-B007-4986-AB95-89F11147CB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CAC78AD-86BB-4F06-B8CF-8E1329987F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44563108-AD89-49A0-9FA5-7DE5A5601D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA5DC3F-E7D8-45E3-8114-2213EC631CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "078AEFC0-96DA-4F50-BE8E-8360718103A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECCD8C1-C055-4958-A613-B6D1609687F1",
"versionEndExcluding": "8.0.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F978162-CB2C-4166-947A-9048C6E878BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB16F34-D561-498F-A8C3-A24A47BCEBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77E39D5C-5EFA-4FEB-909E-0A92004F2563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06816711-7C49-47B9-A9D7-FB18CC3F42F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435B691D-C763-4692-A46A-3422FA821ACF",
"versionEndExcluding": "2.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "83E77D85-0AE8-41D6-AC0C-983A8B73C831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*",
"matchCriteriaId": "02B28A44-3708-480D-9D6D-DDF8C21A15EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9772EE3F-FFC5-4611-AD9A-8AD8304291BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF524892-278F-4373-A8A3-02A30FA1AFF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26CDB573-611F-403C-9E9F-2A929B7B9602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3.100:*:*:*:*:*:*:*",
"matchCriteriaId": "E84BF8E9-9AB8-4591-9760-C9B727FD0BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3.200:*:*:*:*:*:*:*",
"matchCriteriaId": "2605B356-2BDE-45B2-AAB3-55236E163588",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26CDB573-611F-403C-9E9F-2A929B7B9602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3.100:*:*:*:*:*:*:*",
"matchCriteriaId": "E84BF8E9-9AB8-4591-9760-C9B727FD0BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:access_appliance:7.4.3.200:*:*:*:*:*:*:*",
"matchCriteriaId": "2605B356-2BDE-45B2-AAB3-55236E163588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E18698DE-9043-4AA0-B798-51C0B4CACBAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE9674B-4528-4168-B09A-DBAA48622307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9810D40F-FF25-495F-80A4-7A8D8679FA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "02B3BC5A-97E2-4295-9EA3-62D29E579E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC18FEAF-65B4-4F56-A703-21DF9B969B0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:netbackup_flex_scale_appliance:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66B1DC73-8B4C-418B-96A7-17C35E9164CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:veritas:netbackup_flex_scale_appliance:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48E6CF01-79F1-4E56-BB3C-02AE544876E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62D12B2A-0167-4010-888E-30BB96DBA3F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "42554066-06A0-44EF-8911-5982A4033E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "BE52F0C6-7AB6-4E84-9A8C-01C2AE170504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
"matchCriteriaId": "F2762443-9B5B-4675-84B3-21A60385F86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F91A353F-6BEE-423E-BB6A-413C2C03D313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "6256AE6A-34BF-417A-BAB9-8889457BA31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F72DF7-C2C6-4009-82D8-462714D80DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "A5C4BAEE-EAAE-46F6-A275-330EE41CF1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "5311A3B2-E1C7-4816-B1DD-F0166C65F5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*",
"matchCriteriaId": "ED4BC39F-2A18-4F2D-B5A6-A1590D220611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5BC47D-DD3A-4CE1-B313-18C9547E89EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "63459D69-EC29-49A6-9577-A48B63C63063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "7B20A490-3398-4B36-9630-98CADC801E9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435B691D-C763-4692-A46A-3422FA821ACF",
"versionEndExcluding": "2.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_speech_assistant_for_machines:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D035FB7D-36A5-439E-9992-DE255F020AB5",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D14E8FC-464B-414D-AE56-C20FF46E25FB",
"versionEndExcluding": "1.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "83E77D85-0AE8-41D6-AC0C-983A8B73C831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*",
"matchCriteriaId": "02B28A44-3708-480D-9D6D-DDF8C21A15EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9772EE3F-FFC5-4611-AD9A-8AD8304291BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF524892-278F-4373-A8A3-02A30FA1AFF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDE72F7-ED9D-4A53-BF63-DF6711FFDEF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7637F8B-15F1-42E2-BE18-E1FF7C66587D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3486C85C-57BC-433F-941C-E81539DA5C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FBF5C7-EC73-4CE4-8CB7-E9CF5705DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36E16AEF-ACEB-413C-888C-8D250F65C180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFAEA84-E376-40A2-8C9F-3E0676FEC527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "798E4FEE-9B2B-436E-A2B3-B8AA1079892A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6B042849-7EF5-4A5F-B6CD-712C0B8735BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7435071D-0C95-4686-A978-AFC4C9A0D0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFCE558-9972-46A2-8539-C16044F1BAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "822A3C37-86F2-4E91-BE91-2A859F983941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD311C33-A309-44D5-BBFB-539D72C7F8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8383028-B719-41FD-9B6A-71F8EB4C5F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
},
{
"lang": "es",
"value": "Una aplicaci\u00f3n Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser vulnerable a la ejecuci\u00f3n de c\u00f3digo remota (RCE) por medio de una vinculaci\u00f3n de datos. La explotaci\u00f3n espec\u00edfica requiere que la aplicaci\u00f3n sea ejecutada en Tomcat como un despliegue WAR. Si la aplicaci\u00f3n es desplegada como un jar ejecutable de Spring Boot, es decir, por defecto, no es vulnerable a la explotaci\u00f3n. Sin embargo, la naturaleza de la vulnerabilidad es m\u00e1s general, y puede haber otras formas de explotarla"
}
],
"id": "CVE-2022-22965",
"lastModified": "2025-01-29T18:15:44.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-04-01T23:15:13.870",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"source": "security@vmware.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22965"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/970766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security@vmware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-17 16:15
Modified
2024-11-21 04:53
Severity ?
Summary
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | - | ||
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel"
},
{
"lang": "es",
"value": "En la funci\u00f3n uvc_scan_chain_forward del archivo uvc_driver.c, se presenta una posible corrupci\u00f3n de la lista enlazada debido a una causa ra\u00edz inusual.\u0026#xa0;Esto podr\u00eda conllevar a una escalada de privilegios local en el kernel sin ser necesarios privilegios de ejecuci\u00f3n adicionales.\u0026#xa0;No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: kernel de Android, ID de Android: A-111893654 Referencias: kernel ascendente"
}
],
"id": "CVE-2020-0404",
"lastModified": "2024-11-21T04:53:27.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-17T16:15:14.053",
"references": [
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"
},
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"
},
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2020-09-01"
},
{
"source": "security@android.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2020-09-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| redhat | 3scale | 2.0 | |
| redhat | virtualization_host | 4.0 | |
| fedoraproject | fedora | 34 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux_for_real_time | 7 | |
| redhat | enterprise_linux_for_real_time_for_nfv | 7 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E8B747-E49E-4235-94D6-DEF338ADB91C",
"versionEndExcluding": "4.4.293",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1EE39E-FE30-4B7D-A26F-631135BCBB3F",
"versionEndExcluding": "4.9.291",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEB92FF-21BF-4F75-ACA1-6AE1D51A79FC",
"versionEndExcluding": "4.14.256",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F85F433-5DEA-47D3-B07E-3B1AC474D6E0",
"versionEndExcluding": "4.19.218",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB57B30-4B94-4161-AC33-32CE3E01ED85",
"versionEndExcluding": "5.4.160",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA671850-79DF-4CBC-AECE-A197139C7700",
"versionEndExcluding": "5.10.80",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEA9E6D-0F19-4EA8-B4B7-0ACE5C0FC7DD",
"versionEndExcluding": "5.14.19",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83F73FEF-14B1-40D4-9A9D-2FCF409F26AE",
"versionEndExcluding": "5.15.3",
"versionStartIncluding": "5.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:3scale:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA2217-0805-427B-81E2-13516C0EDCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"matchCriteriaId": "36E85B24-30F2-42AB-9F68-8668C0FCC5E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the Linux kernel\u2019s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de uso de memoria previamente liberada en el subsistema Bluetooth del kernel de Linux en la forma en que las llamadas de usuario son conectadas al socket y son desconectadas simult\u00e1neamente debido a una condici\u00f3n de carrera. Este fallo permite a un usuario bloquear el sistema o escalar sus privilegios. La mayor amenaza de esta vulnerabilidad es para la confidencialidad, la integridad y la disponibilidad del sistema"
}
],
"id": "CVE-2021-3752",
"lastModified": "2024-11-21T06:22:20.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T19:15:08.587",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220318-0009/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220318-0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/09/15/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-01 23:15
Modified
2025-03-13 16:36
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
References
Impacted products
{
"cisaActionDue": "2022-09-15",
"cisaExploitAdd": "2022-08-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*",
"matchCriteriaId": "905988BB-71EE-49CE-A73C-FBD4488299D2",
"versionEndIncluding": "3.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43C88657-BCAC-40EB-83EB-2FF70F9173A0",
"versionEndIncluding": "3.2.2",
"versionStartIncluding": "3.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:banking_branch:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BAE9DFCA-E0C2-420D-86D7-5593F12EE945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_cash_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "626C6209-8BC3-4954-BF0C-51500582457E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE231C5-8BF0-48F4-81EF-7186814664CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA5FF83-B693-4DAB-B585-0FD641266231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_electronic_data_exchange_for_corporates:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B6968A-9EB3-46B6-9BD4-735EFED3F869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FC2BF9-B6D7-420E-9CF5-21AB770B9CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5A1417-2C59-431F-BF5C-A2BCFEBC95FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6889DD-D320-470C-BA94-165AC79A3AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB3A29-0994-46F4-8093-B4A9CE0BD95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4A9041-B9BC-451C-B1BD-4E2FD795BF27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2696CD1-9514-405D-A3B3-8308EC1FA571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4CA84D6-F312-4C29-A02B-050FCB7A902B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF6C109-E3D3-431C-8101-2FF88763CF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAB7154-4DE8-4806-86D0-C1D33B84417B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5BB2213-08E7-497F-B672-556FD682D122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E24426EE-6A3F-413E-A70A-FB98CCD007A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A5B24D-BDF2-423C-98EA-A40778C01A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3221BB-E48E-4B28-B84F-C888EE802A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B61A7946-F554-44A9-9E41-86114E4B4914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA09838-BF13-46AC-BB97-A69F48B73A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6577F14-36B6-46A5-A1B1-FCCADA61A23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0425918A-03F1-4541-BDEF-55B03E07E115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0C905A-EA99-4B4E-A350-7F6A63CD6EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D235B299-9A0E-44FF-84F1-2FFBC070A21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EAA723-2A23-4151-930B-86ACF9CC1C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2E50B0-64B6-4696-9213-F5D9016058A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "570DB369-A31B-4108-A7FD-09F674129603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC69CF0-6269-40F5-871B-16CFD5EC4C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "172BECE8-9626-4910-AAA1-A2FA9C7139E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B3A10E-70A8-4332-8567-06AE2C45D3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "059F0D4E-B007-4986-AB95-89F11147CB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CAC78AD-86BB-4F06-B8CF-8E1329987F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44563108-AD89-49A0-9FA5-7DE5A5601D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA5DC3F-E7D8-45E3-8114-2213EC631CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "078AEFC0-96DA-4F50-BE8E-8360718103A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747",
"versionEndIncluding": "8.0.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0531C009-B395-4E94-A5F0-A89A152E706B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A69FB468-EAF3-4E67-95E7-DF92C281C1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB16F34-D561-498F-A8C3-A24A47BCEBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77E39D5C-5EFA-4FEB-909E-0A92004F2563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "06816711-7C49-47B9-A9D7-FB18CC3F42F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources."
},
{
"lang": "es",
"value": "En Spring Cloud Function versiones 3.1.6, 3.2.2 y versiones anteriores no soportadas, cuando es usada la funcionalidad routing es posible que un usuario proporcione un SpEL especialmente dise\u00f1ado como expresi\u00f3n de enrutamiento que puede resultar en la ejecuci\u00f3n de c\u00f3digo remota y el acceso a recursos locales"
}
],
"id": "CVE-2022-22963",
"lastModified": "2025-03-13T16:36:53.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-04-01T23:15:13.663",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security@vmware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-03 00:15
Modified
2024-11-21 05:21
Severity ?
Summary
A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12 | |
| linux | linux_kernel | 2.6.12 | |
| fedoraproject | fedora | 33 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74514138-449C-4AE6-BA1E-3F704FCBE895",
"versionEndExcluding": "5.4.162",
"versionStartExcluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D1E0FE-8CE2-4486-9796-863263EEB78B",
"versionEndExcluding": "5.10.82",
"versionStartExcluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29F682A8-8AFD-4F2D-BDD0-29857FEC2DB1",
"versionEndExcluding": "5.15.5",
"versionStartExcluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*",
"matchCriteriaId": "6F62EECE-8FB1-4D57-85D8-CB9E23CF313C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Linux kernel, where a use-after-frees in nouveau\u0027s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if \"unbind\" the driver)."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en el kernel de Linux, en la que un uso de memoria previamente liberada en el manejador postclose() de nouveau podr\u00eda ocurrir si se quita el dispositivo (que no es com\u00fan quitar la tarjeta de v\u00eddeo f\u00edsicamente sin apagar, pero lo mismo ocurre si se \"desvincula\" el controlador)"
}
],
"id": "CVE-2020-27820",
"lastModified": "2024-11-21T05:21:52.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-03T00:15:07.550",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline%40redhat.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline%40redhat.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline%40redhat.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-03 22:15
Modified
2025-03-13 15:40
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
References
Impacted products
{
"cisaActionDue": "2022-06-06",
"cisaExploitAdd": "2022-05-16",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Spring Cloud Gateway Code Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:spring_cloud_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED6E19AB-5568-4296-99CD-DC54EC30E518",
"versionEndExcluding": "3.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:spring_cloud_gateway:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71D24F3E-9DA8-491B-841F-BDF95B8000B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10323322-F6C0-4EA7-9344-736F7A80AA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2BC68D-C8B2-4C8B-9426-21F00CBDD873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E24426EE-6A3F-413E-A70A-FB98CCD007A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A5B24D-BDF2-423C-98EA-A40778C01A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF616620-88CE-4A77-B904-C1728A2E6F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A264E0DE-209D-49B1-8B26-51AB8BBC97F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA09838-BF13-46AC-BB97-A69F48B73A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6577F14-36B6-46A5-A1B1-FCCADA61A23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "175B97A7-0B00-4378-AD9F-C01B6D9FD570",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host."
},
{
"lang": "es",
"value": "En spring cloud gateway versiones anteriores a 3.1.1+ y a 3.0.7+ , las aplicaciones son vulnerables a un ataque de inyecci\u00f3n de c\u00f3digo cuando el endpoint del Actuador de la Puerta de Enlace est\u00e1 habilitado, expuesto y sin seguridad. Un atacante remoto podr\u00eda realizar una petici\u00f3n maliciosamente dise\u00f1ada que podr\u00eda permitir una ejecuci\u00f3n remota arbitraria en el host remoto"
}
],
"id": "CVE-2022-22947",
"lastModified": "2025-03-13T15:40:47.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-03-03T22:15:08.673",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22947"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security@vmware.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-20 07:15
Modified
2024-11-21 06:28
Severity ?
Summary
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| starwindsoftware | starwind_san_\&_nas | v8r12 | |
| starwindsoftware | starwind_virtual_san | v8r13 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8919DDD-6C51-4A2E-8CAB-09145C28945E",
"versionEndIncluding": "5.14.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:starwindsoftware:starwind_san_\\\u0026_nas:v8r12:*:*:*:*:*:*:*",
"matchCriteriaId": "45D7C2A6-CA6B-44DB-818D-BC2BE89E93D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8r13:14338:*:*:*:*:*:*",
"matchCriteriaId": "69561727-6405-4EAF-905E-6D5C9761E6EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de desbordamiento de b\u00fafer basado en la pila en el controlador de la tarjeta multimedia FireDTV del kernel de Linux, donde el usuario llama al ioctl CA_SEND_MSG. Este fallo permite a un usuario local de la m\u00e1quina anfitriona bloquear el sistema o escalar privilegios en el sistema. La mayor amenaza de esta vulnerabilidad es para la confidencialidad, la integridad y la disponibilidad del sistema"
}
],
"id": "CVE-2021-42739",
"lastModified": "2024-11-21T06:28:04.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-20T07:15:09.140",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"source": "cve@mitre.org",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e"
},
{
"source": "cve@mitre.org",
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/oss-sec/2021/q2/46"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220804-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35d2969ea3c7d32aee78066b1f3cf61a0d935a4e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ%40mwanda/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/oss-sec/2021/q2/46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.starwindsoftware.com/security/sw-20220804-0001/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| fedoraproject | fedora | 34 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "202CAD0B-4BA5-4F2B-8C10-8290E5F5434C",
"versionEndExcluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF577C5-E750-4852-8963-86276725A31F",
"versionEndExcluding": "5.15.15",
"versionStartIncluding": "5.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks."
},
{
"lang": "es",
"value": "Un fallo en netfilter podr\u00eda permitir a un atacante conectado a la red inferir informaci\u00f3n del endpoint de la conexi\u00f3n openvpn para su posterior uso en ataques de red tradicionales"
}
],
"id": "CVE-2021-3773",
"lastModified": "2024-11-21T06:22:23.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T19:15:08.763",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"source": "secalert@redhat.com",
"url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-17 17:15
Modified
2024-11-21 06:30
Severity ?
Summary
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| netapp | cloud_backup | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9BE6FE-DBC8-4A79-BB25-1FB024F06450",
"versionEndIncluding": "5.15.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic)."
},
{
"lang": "es",
"value": "En el kernel de Linux versiones hasta 5.15.2, la funci\u00f3n mwifiex_usb_recv en el archivo drivers/net/wireless/marvell/mwifiex/usb.c permite a un atacante (que puede conectar un dispositivo USB dise\u00f1ado) causar una denegaci\u00f3n de servicio (skb_over_panic)"
}
],
"id": "CVE-2021-43976",
"lastModified": "2024-11-21T06:30:07.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-17T17:15:08.537",
"references": [
{
"source": "cve@mitre.org",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/"
},
{
"source": "cve@mitre.org",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+%40Zekuns-MBP-16.fios-router.home/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04d80663f67ccef893061b49ec8a42ff7045ae84"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X24M7KDC4OJOZNS3RDSYC7ELNELOLQ2N/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YODMYMGZYDXQKGJGX7TJG4XV4L5YLLBD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+%40Zekuns-MBP-16.fios-router.home/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-04 19:15
Modified
2024-11-21 06:29
Severity ?
Summary
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| redhat | enterprise_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF5750B-219C-419D-8DD4-D9F958B68CD0",
"versionEndExcluding": "5.14.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"matchCriteriaId": "053C1B35-3869-41C2-9551-044182DE0A64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c."
},
{
"lang": "es",
"value": "Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.14.15. Se presenta un fallo de \u00edndice de matriz fuera de l\u00edmites en la funci\u00f3n detach_capi_ctr en el archivo drivers/isdn/capi/kcapi.c"
}
],
"id": "CVE-2021-43389",
"lastModified": "2024-11-21T06:29:08.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-04T19:15:07.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/11/05/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Third Party Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "cve@mitre.org",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2021/q4/39"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/11/05/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Third Party Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2021/q4/39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-11 18:15
Modified
2024-11-21 06:37
Severity ?
Summary
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D6CEE1-25DF-43C5-AEBB-49585B64236A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E2104F-0CE3-4B9D-88B3-35D982C36562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D860FEC-BA79-4FEE-A79C-88AA857358E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2CEF8A6-2445-4B63-822D-81F6AC708D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89231773-9D9B-434A-A6A3-8527C4F6FEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A85EA674-2537-4323-AEDA-FA356489E7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85599DD-3F80-4EB0-9753-D24EDD8D76CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B3348F4-8E2B-42BE-9F3A-48DFF5CE0047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F068F4F-8CCD-4218-871C-BEABEB0DAB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7313975C-41A5-4657-8758-1C16F947BE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBE4406-9979-4723-833C-176F051E6389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39831D4E-743A-4C09-900F-24DDAB5D1B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D63F16DE-E30E-4268-B079-E07FD28355BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "936DAD12-11D6-4AAF-B48D-5076C94BF30C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F11BB81D-8243-4B19-835C-6E0B4341894A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFB5A51-399C-4AC5-BA09-E74C5AD520EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F42D5DAA-8279-4A4F-A843-EBA0814952BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "545649F6-46CA-40CB-8A00-5DD40F6A83B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D42AC70C-B114-4795-8769-D9AF12298456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DEF520D-9427-4C5A-81F0-FCED5E2A8B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B773674-1DB0-41D8-A758-2AF49F4722D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "153ABD9D-2C72-40C6-8DF9-3EB7D1D35B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4036274A-CC6F-48B2-BF2E-DF51C4148B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAF1125-B4F7-4BC9-B9DA-CA9125D4BC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g6900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA8490E-45D6-4B6E-AF98-B75385574D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652EC574-B9B6-4747-AE72-39D1379A596B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"matchCriteriaId": "522A9A57-B8D8-4C61-92E3-BE894A765C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A588BEB3-90B5-482E-B6C4-DC6529B0B4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826BAF04-E174-483D-8700-7FA1EAC4D555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A8BF58-1D33-484A-951C-808443912BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8771AB4-2F51-494D-8C86-3524BB4219C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7E822D-994F-410D-B13C-939449FFC293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5576F2-4914-427C-9518-ED7D16630CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABB7C52-863F-4291-A05B-422EE9615FAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B54D15DF-53EA-4611-932A-EDB8279F582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06499DE1-DA07-4C39-BBAC-FC57F4E0D4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96D6F5D3-3559-47AD-8201-C9D34417DC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA455AC5-8434-4B59-BE89-E82CDACD2AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "406E9139-BCFF-406B-A856-57896D27B752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64D95C-653A-4864-A572-CD0A64B6CDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30B2F570-1DD9-49C7-BB72-0EA0E9A417C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA9CBE9-CF87-495B-8D80-5DDDCD2044B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "614B1B4E-E1D7-417F-86D1-92F75D597E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD11E86-B786-43C8-9B67-8F680CC30451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D740D69-83B6-4DBF-8617-9B1E96DFF4FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB09ACB-EFFF-4C2F-BEB5-AE1EEDC1EC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B15567-BFEA-43BE-9817-98A1F5548541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "984C7C7A-2F8E-4918-8526-64A080943E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF0AFB-E9DC-4EA5-BFFF-48F896C655E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AFC285-2248-45E7-9009-1402628F17E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "078DAE1F-8581-44FB-83EA-575685928C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "887BEC29-AD0D-4BEB-B50B-F961629BBF23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93859A03-DE41-4E7B-8646-93925ACBFC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD8BD84-B6F9-48D5-8903-2C56C12EFFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877F278-641B-4F83-B420-AB4E1018EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABF9AEE-BE1C-40EF-9E5F-6F3641BA7CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C60AF0D-983D-454E-8940-209C471DC041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAF09D-8199-4579-B25A-E7C5177385E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EA30AA-713F-40AD-8C94-C1129198EE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114DF43C-839F-4066-AA30-8DC16B1D6687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A87E241-4E74-4F89-8E5A-1A3980A5DDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4325860-834E-4042-BDB2-5EB5A2D0F1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0765F36F-94F8-45BE-8AF9-3373E5E567F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1220p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F50A0-5F1D-4D30-B5F3-C94C44C323D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A8AC04-8182-4BF2-9FDA-B2D607222EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082596F0-6707-4175-A9CB-868D853F7362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39FD6F9C-FEEA-4D52-8745-6477B50AFB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62BFF15A-0C78-45BC-8E71-EDF624AC162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB69A6F1-9B4D-4CDA-8388-E7FCBB2163DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71615EAF-4DF4-4B9E-BF34-6ED0371A53D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "376B6DD7-1284-4BD9-88A4-5C34303CC5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "403E8A3A-28C2-4329-BF31-1A530E317959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F6F725-217C-48FF-86DD-E91A24156121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "365696BF-CE3D-4CE6-92A8-413DDE43774E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8515D29-3823-4F9B-9578-8BB52336A2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE048AEB-094D-4102-9DBF-488FEB53FF89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF497A0-30BC-42A4-A000-C0D564D4872A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3025301-52D3-43D7-B6AB-F3F0A5C882DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2A62F5-A8DF-4565-B89F-9C58B1FB8D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9466A6CC-8D69-4EB5-94E2-611297120462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D116C4-698B-45BC-8622-87E142B37922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36836EB0-99DD-4217-9182-1E9FC5656C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD507601-CD6D-4F11-A4A7-790FB740B401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C26205-C602-46F6-B611-424709325D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "464587A0-9EAA-4DF5-AFEB-15F2FA9CD407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1940F59A-67FD-45F9-9C78-51A50687628F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B722E2A-1262-44FD-8F7C-F9A9A5C78744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DEFF6A7-0DE2-4BEE-80DC-BBAB259647AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCD9C35-95D0-49E6-A9AC-E3AA8CD3F7B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40E9EC2-A8A6-4800-9F9E-B1237832D6F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "158CC66D-32E5-4396-8E5D-4D90EE9AB62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55227C1C-D6CE-40AD-A5AA-7143E0A7AEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E84F0381-296A-408E-90D4-A316EE894A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "092E3E45-5F58-412F-BAC9-C3B5290D8349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA7E6D0-0ADA-4BE1-8273-69AB3DE3BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FCAFC0-EEE2-43E4-AE90-1803588B5689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8640175-3BC2-4C7B-A5A3-51E5677EDECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7077CBF1-1FC8-4AF9-8B39-A15871FFD3CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53D902B5-D135-4961-AED9-EA6DF06534B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2910EB49-C9C6-4FC9-AA55-E7A0DAE28B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B858B433-9DA0-4224-B94C-4962FB3A4138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6B5FC3-8E55-430A-A55A-AF541690C576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55568460-F318-48FB-90E4-55CBBAF13E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AFF680-DBC6-432E-A6DE-E7E7E4F2F26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB84973-3DAC-4458-A817-943302F5EFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26C730-32FA-4D51-88FA-E724147147BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF7C5BF-E151-42DB-B0CF-E2589904C9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E12D6BD2-7D32-4194-84D3-A0DE4B88BFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EC487F-B9A8-410F-AE1F-8D1B74BA77D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74A47464-BB99-44BB-A1B7-D8469BEAF408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12882E19-1107-48E7-9ECD-A2891B8900D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896688AD-84FF-4270-8F44-61764C0052B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1240p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1646C42-B42B-451F-9B9D-AEE7CF74E9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9729F36E-F830-4397-8B0E-A91BF5601F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEC0A8-69C2-4BE9-B510-5C111C6EE9BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "047CB3C6-C53C-4BA5-AB1C-5D739B30F9FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91BF3506-7257-4E37-98AC-DDF0283C1FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1250p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65E0B274-5CFA-481E-8355-64D7BC16D871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC5B69A-022B-4F8C-BAAC-97AFBAEA9730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63684C47-972B-45A3-9234-111F25FD35B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE6C6D-7D12-4E4F-BB76-54BF1C0A7B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4AFFB3-6117-4BCC-BE63-814042823182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F880C0CA-815A-49D2-8BA6-F220E3E467D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC12E92-33CB-4603-AC14-3351CE1D4E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E62309E-1071-4569-8C9A-11748D629CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E166F-3D9F-4D0D-924A-147883598EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71294A32-F3DD-45EA-A0FC-C3EA0351FA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A735A90-47E1-44C6-AE76-F6C7FFDCD4D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9F52F-6669-459A-A0A9-8F472E1F2761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E91B92-4DB7-4866-8370-C6F8616D3D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85F465BF-4548-45EB-AC40-384F4E6248EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DFFFEB-CC63-4F51-8828-C5D4E0287264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B176D141-26B0-477E-B2DB-2E48D6FB82AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4FD69F-FF53-43F4-97C8-40867DB67958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD97F84B-ED73-4FFD-8634-10631FEE03EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2243674B-E505-4FED-B063-953A1569EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1978F85-5BA5-468E-B797-7FA7EB4F489D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D3D0CA-C981-4091-99F9-203DA8F156F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB23D0C-D2BC-4E7F-94AF-CAF171A64307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC9312B-40A7-4D4A-A61C-3BA865C29F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBECBE5-2BF0-4175-81CC-C6D054C819B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB33CC4F-9D51-4A11-B063-6E78F0D71555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7092B8E-DD3F-440D-B2AA-F0E5FC4A9725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA491401-C484-4F77-ABF8-D389C94BF7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8B600-B618-48E1-81EE-14A8A843F09F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ADD367-82C8-4761-AEBA-A0200C5D1CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF75C0E-BA48-4C56-8398-109D06B5A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25329A6F-9D49-4EA7-B9FB-8C2FA5343475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22921B65-513F-4ACE-80A2-4A31199BB5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63719B1D-5A98-44E3-80D8-CF0B4C1C6F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5365D3B-1B0B-416D-ACFB-23843FD25EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2556EF0A-B29F-4E9E-BB77-955CBC851EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5601E40A-96E1-4321-9682-055A1C607488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF36D9CC-2FD8-4D08-8712-E625D4754613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3252CF19-9D1D-4A46-9C94-0E7255CDDD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C7F38-3313-4F6D-9D5D-E61C89E716B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70B0C976-3B68-4647-909A-5D574D711C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA18192E-7DBB-45BB-8568-CA7159AF8CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FDB568-5340-4DD8-B933-1CD64C370BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D28DF93B-E15D-47D3-B9C0-4AEE8B7FADD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78F2DD1D-DB6F-44D1-BE3B-C798C09CC5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104B88E7-3B8F-4C4E-AD07-CAD1DCD7898B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12ADA9A2-6E64-4F17-B369-816639F0D3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "514B7B5E-D60D-464A-8CB0-273044FD2E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB608EE-83AF-4192-93E1-7DDBA5F6A54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B807B5D8-BCDB-4398-8ADC-DBD1BD8D2B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1260p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "989B6E1C-7681-4A11-B9F4-D94C47D57BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F75A1B08-CE1F-47A5-B706-104A62861932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E458521-2BD9-4719-9F83-6ECC3BC19B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8762D1-5333-4EED-B31E-338052061237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DCFA7E-734D-4FE0-913E-74D85564ABE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF502AE-BD3F-461B-9476-FB04818DA1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "445022AC-A3CD-402E-AF44-2C1BC2B790E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF63765B-1BAE-4B53-9BA8-FDFDD2C58417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1270p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78245E2-BE22-4BD5-9252-44FF5815D7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1DF00E-1B1A-4FCA-BEEF-7D2BF9F001A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1280p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91A093D4-A800-4F28-8480-85D62068CB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F946429E-3362-41E5-88D9-FA01BE8D4312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9EF2F2-750C-4CB7-9858-69D7FFA4EF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8580A81E-8BDE-4EB5-B830-6AA7550A25C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43756EB8-9F85-4499-99F0-43E69CA3F470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957F3AC9-D071-4932-B2C9-1643FB78BC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F41025AC-6EFE-4562-B1D1-BAB004875B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34DD3CCB-91D5-48D6-80BC-CA643385BCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB0C1DA-60C6-4C9E-99D6-7A47696DACD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2EB81B1-7DEF-4CC3-ADC9-A4CB1042E406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31CD303F-AAE9-4635-987D-742031232BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0320CB-05E3-4D5B-BCEF-D862566B0AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48C9306-80AD-40CC-9516-E1B6F5A63556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39F9F143-0AB4-4302-82B8-B4EA790EB08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE73B0A0-E275-449D-8ADD-86AE188DE82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE06C64A-1610-4340-98CF-AC91258AB215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C27F79F3-EA0A-429C-8DA9-BC276A94AFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B07609EB-E10B-4253-938E-81566036D81B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B7AEF3-7A62-43B2-8F0C-70E5A2CDB29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC44D69-AAAB-4524-9D12-F1A606D57831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23D2887-1246-4EA4-B8B6-57BC7FB869E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFC46D5-B23D-4513-9669-4DC53662F87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93E897C-5D7B-4532-99D9-53192A1F776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D0D618-D738-47F5-B7F7-C7F07972C893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A147E8-0778-49CE-92EF-ED1950138528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D264277-00CB-4FCC-ADAA-38536609D0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC25725-73F6-4948-B17A-A05E8978EB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9BFA32-89B3-4E26-B980-2694B5378D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65E2A7C5-78D9-4F75-B8A2-5EB3ECEFBFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D04A37-79EE-467B-BD8A-0CA0BDD85F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FECF6BE-2CED-4510-91C5-195686C9C421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B903E2A0-EE73-4F13-AB26-8F5644462E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "170B497C-05F2-46B5-92CD-ACF7C0BE1711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF53EA8-8EB4-455C-A986-405DBB122D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6A5B34-780D-46F2-8DC8-F310F9201FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D78411-A542-48D7-B840-22290B3A98A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86AABCC6-4CA4-4A2D-9DC6-D0AD6FF99BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58A1375C-4B33-4557-9BA0-D03EAC350D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783F6EC3-354C-4501-9557-E1BFFC0852DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8F48DC-E327-4B3D-BA52-901D21A6412E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82004D25-6F97-4549-B98E-148E44134529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B97260E-1D7A-45B5-AD86-EBF8CA259FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58002875-D63D-4ABD-A8B7-DCAEB7E94AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC07903-D4B7-423F-9F79-7DF45E5350BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBC4FB5-7C2D-4E10-80BB-3951FFA3A6CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B32C5EE-D845-471C-85EA-DA5F9B04F01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93CC48C-DCCB-442A-98D5-3165CCFAE7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "659206BB-510A-47F8-8B6E-FD030A6BE1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3257F5-CA55-4F35-9D09-5B85253DE786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F8CEA0-1CD6-4F17-85E3-C1CB04D9833A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "655E770E-B9EE-4B08-B1EE-F393C7F68941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC47200-8F3F-4969-AABA-39F4B1E4E263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB17629-2454-478B-8E1A-AC2D2FC2233C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A28B6DE9-D383-4CA2-94D5-4C9CFF95E01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48A2969-DC53-48E2-A5CA-4DF2B00D1960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6B51B5-96AA-44C8-9539-9D7F67143DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A263FA56-5F1F-4E91-A354-38648E130685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D24E8214-881A-4C15-A544-FB3FD5D14DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EDE72E-3734-4FB5-BC77-B7C3838D41F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07450B-D81B-474D-9150-C9D8A62D44A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E78C7A9B-7DCE-416F-909E-B3CC52AEBE9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A892B60-7FD3-41A6-9997-586B76757416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4701D592-F06C-4713-9736-19DB130B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E6063A-23C9-4845-B575-5D330B6C68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50C73A4-D52E-4560-B725-61F416E18505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25570E2C-BBE9-402F-9631-FA5014767CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D59D57C2-CFB5-486E-A340-E63C7D7A8B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "998DCE68-F426-47C5-80F7-BFE42FD69DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE04ADB-3037-41E8-8DF4-8588FDFB759A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97C7A90-D8C6-4901-BCA1-E40DA173AA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638FA431-71EA-4668-AFF2-989A4994ED12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC903FA4-2C4E-4EBB-8BFA-579844B87354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "667F2E6C-C2FD-4E4B-9CC4-2EF33A74F61B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF16D51-5662-47C3-8911-0FACEEDB9D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4430E-E4B1-454F-8C95-6412D34454C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31282347-8DCB-4B37-A853-DFD9D5AF31EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42841FAC-A6EC-44F3-9FCD-B4549A783014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E687CADE-6E49-4284-BD41-6CA2FDD846FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7540F0-7EB8-4F64-AA31-9AF3D79BEC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_d1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D94D7B29-565F-4E62-A958-27FFDDD7399E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594DDCAB-96D4-4999-824E-7597B971B6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63650DBF-4DBD-4655-AE93-5CBE53F8E0FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00912C9C-D386-445E-B390-E96361ECDFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B582A1-784C-4BE8-A0D5-706DE01D769E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "556637E1-9502-41E7-B91D-082C92F233A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA930BC-EF68-4AD5-AA1B-0659358028D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8EA870-2228-4E81-A417-30E040A5C0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656D31B6-1E8D-4A44-9D7A-023051E7050A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49EEE5AA-3867-4137-B165-5004C34C77B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A38417-1DB2-4C85-80D9-D3968BF7A83B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F74E9E4-F84C-4B7F-8A42-20EEC60986DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74F99F83-A7E6-4AFD-BC42-7348EF6613AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A62A9F4-2B98-4F2D-9143-08D1689E38AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FD06CB-F456-44BD-900B-06131DC68B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9044310E-4DF9-47BA-9D05-C1405DC8CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA881CDA-1C16-43F1-A7D5-69502512A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA109ED-BC4D-4F70-81B2-3CE0E2B3D9DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "070C20AB-66F2-4EE2-8134-5E40DBB9B9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA49CF7-C6BE-4337-A0A8-A603D8955EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8F7F6B-847A-479D-B6B1-BBA331D06DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C375A9D-C7CE-49A6-B08D-9CAB22E16D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8D06DC-6B8A-4B7B-BB3E-778D432CFEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E06531E6-126A-4FBB-BEBB-F9023C4738F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93B8CDF0-1489-4E4C-B004-A22E06FC10D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ACF161-472E-4088-85C2-5940C9C88D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0B94F6-EC15-4C12-8BA5-CC6602A7A725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "067C65E5-5392-4DAF-A6BD-640D78C19CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1647DAC-CED6-4DAF-8F82-A42D6D691DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93CC498-F558-4C2F-9E14-7897060CA9FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6839AE9B-9A8A-4312-80FC-0549C675A815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E7358-1EC1-43DA-99B3-A2D6D57E0121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43808CCF-1EF0-41CE-983D-DD6BB775895E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C5D3DE-5506-4F16-B7F9-5032A1277D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED598260-2A9B-46F7-AA85-0DA97DA0D42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06F1CFD2-8F32-4CE8-9D9B-C65B332775B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD98889-58A1-4A5A-B79A-B2DA9EDA63DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BF1F73B-4736-40BC-9053-951B5BF1059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA47606-176C-4F6B-A316-4C536B63FA4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D48CFC-1322-4C53-8B53-88E7ACC724BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6456D0-32AE-44A9-9F63-AD64B5E49182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38EA99F9-22C2-47ED-9DDD-928E19C4C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8867B2-F297-4D30-AD43-77B0F67FAE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178345A5-9A38-4C8F-B3BB-430276FA4998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831A7D63-4638-480C-94CB-ED06613BA75C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178D9E36-79EC-4672-8E46-0FD6597CA1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED0D492-ADAB-41ED-A283-024D3CED441F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BBB5A97-EA4F-454C-819C-DE1CE7018E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9733E69-E7CF-444C-B72C-AC8E5DEF2449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD24563-9157-4DE1-95ED-D4E3E879219E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F83F8602-6679-4B3C-BBDD-3BDB2B317F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD3E45C-1943-42BA-9F6D-EA64D67BF954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B4C84-1258-4F2F-B8A3-55353B3D13BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B27F755-4C38-4469-8A9D-C9266BDA53ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E21977E-7085-46C5-8E89-F952C2EBCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB72D13B-5880-4CB2-8E80-CB6A39B5A302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BCB7D2-4B68-4FF8-BFC9-06C39A708C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF31FBF-20FB-4B8A-ADE1-E29BB8B8A702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF7298E-BC07-4C42-8F9C-C3B0CDFC86C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8292CC-DACB-489A-BCB2-73DC2C6F944C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D83AEDF-2671-4278-8088-BA517192AB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF72F37A-2F28-40E6-A84B-0E1DF63B1812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1742C-96CC-4BCA-928E-D6B53ED2DB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAE9CE6-DA95-40B0-AE65-656FA4603D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0B5C3-633D-4F2A-8D56-8FA83F1B581C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5241B3E0-F968-4B16-8BF8-191C6F7B224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFB52DD-5B7D-45BA-B249-A134D1B9EBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FC910-F3AB-42BF-9740-EC09F0AC179D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAE2B11-B0F5-415F-BD6B-E285EF9C9095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA58EFB-7672-4902-ABC1-65217AA617AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E2764D-7D6A-4CE0-A628-FFE966A6462F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D66D18C-17F2-4259-B1D8-7C63797A024C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25C8DFB5-9D8B-4370-849A-DC061910E54F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B704835-1250-44E1-923C-5DE2F4DD25D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D9572-8D03-4D54-B0E1-C0A3F3F90FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3CA224-B5DE-4451-9CF9-929ABEA242EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D8E340-AE91-4F29-9F22-E0CE6718FC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "710DBCD5-788D-4140-AC16-EC6E126CFA66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A767EC83-AAED-4FEA-A35E-A503369FE4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1ACDED-85B4-4A11-BD03-8E1B9563B7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C4A47D-7F66-4ACC-9C69-0A355D46CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20821868-F7D2-4132-8D63-98E1089DB46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB9295A-8832-4670-B268-FBD0BC086447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489BD4AC-50C6-422B-A2B2-00A70E611114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5694238-F4E5-4689-ADD2-67C25762ED92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A57D44C0-AA8D-46B0-8923-ADB312E3937F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A551BBB-76CD-4C26-913F-B02C66E5D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4A44F2-68BF-4709-946B-C976DA3A9C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*",
"matchCriteriaId": "038AC553-5523-4687-843D-6FEA7264EDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE5D09C-3272-4810-9F41-97BDBBFE4160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C5122F-D822-4E71-A417-88EB51F1786B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14C3438-B876-45B9-85F5-61354207AF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94A6DA7A-7C97-40E1-B31A-B92BB658C429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54AF128B-9984-4C91-B7F6-968DE376C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28B167F1-63FA-4C86-84AB-836ABF84E6E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "955420F9-3A3F-40E0-9940-DD43C5C78D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4A437C-6C00-4729-91CC-D27EB3542633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74ED727D-B1A9-4F4B-92C7-3F00F3A80013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C24951-B3FA-48E6-AFAC-6CA0D2348230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*",
"matchCriteriaId": "185E8FBC-9EE9-472E-867B-0B0DEEECA13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3C00A0-C28A-46EB-853D-DAE3819399D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0951DB50-AC8E-4C17-A2A9-DD4A198C4DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CAB607-87B2-49F4-9FAB-662D5EA3D11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C504C3-7EEE-4A0F-8589-19C1E806E690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5230F6AF-88CB-4EE2-B292-8B9A7217D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B45C39D-03E8-46C1-88DD-94E382F4A961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2DC691-025A-441E-AAC2-C8583F54733D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FB7EE6-6808-4879-A0A3-E85FE5CB37CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE07EA7-4CDF-4038-A948-6AC126C7F6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A2241C-37AE-41AE-A8D1-D9AB18CCE16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6DEAA1-3209-4B49-B931-43E8C1C5BE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE086F8-5C8B-4F0C-B53A-76BD4E67B678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00B21B5C-0FDE-4A8E-A9FC-5CF822A74B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB15368B-21A1-429E-8B9C-A095C4E8BA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA925F96-6DDD-4F71-BF13-710C8A89D860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E41414A-6B0B-4511-A9A1-7FF99DD25DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91EB66B4-8F1B-4F35-9371-17FB761997CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDFD1AF-2716-4C95-ADFF-79EFA915C286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5390A12B-80BD-4889-BF0F-95E65D10D037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D6444A-B9CF-4D70-A8A9-E6B57B6F13DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05637A96-AF09-4FF5-A918-AB369AA2D1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33FA0279-D587-471E-8EC0-211F78DA4DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CC27DB-11D4-412A-BC69-CF32A0CABCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FE9694-F0E7-4B45-82A1-065DA96B9794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC93757-5FD7-403D-B5ED-CC8793002352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7019D4-58E0-4B73-93B8-D3B0E86BF2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF8D8C4-29EA-4D09-87AB-A570403BA0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89421EC5-52E5-441F-AD3B-5C5E964F836D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA909754-B60A-4B30-AF42-4C8734E155AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEFB056-0872-434B-9630-28A1AAEAD470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21A62CB9-FB01-45CB-9E10-E72D87C0E1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8EBFCC-AD76-4285-93BD-D14219C6EA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF7E334-6DC7-44B5-A102-649A68300C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B4F7FE-61A3-417A-BAA9-E686A76F3A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE4C87E-CB23-4804-9BBD-2533C5E1D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7305838B-84CA-4BB8-A350-B2D2844F1041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D356D196-8AB0-4387-A644-C5E68174A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89587A92-6234-40C3-83DB-F72319FFBC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F50C03E-CBEB-4738-BDF4-DC296CE9DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB267830-FA6E-4C2E-8BBE-C3DA12A6A33D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D557D68C-8279-4BFD-9EA6-17A83754B8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECA0BC9-1CA4-4B95-B98F-9098B2550309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1298CF87-124D-450B-928D-F39CCA2BAF42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF12820F-A2BE-44BF-A85D-7F4623898DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A473FF-F3AD-41F5-B63A-3D6DDB0BD216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "853DE44A-84C9-4959-865F-D538DF895647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13326C69-C160-482F-BF28-5425B57BE738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F15EF0E-37CF-4944-8B6B-A82B4348CDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92D12220-840B-4397-889C-9649F34B7E25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB926B2-077B-4752-80EC-D39446115FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C1D750-1FE9-40F8-BCB9-77D13C13906C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07040D2-2ADC-4CC4-860F-74A7C64FD6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D2ED18E-241E-4154-9793-FB0E60F9C00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D59D80E8-5A2C-402F-8AE3-766ECEDA14F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F66D2E5-BD5B-406D-82A0-4E1E32EDC337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557E240A-6760-434E-9C3A-1E5E9129912D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7565F3-5D41-4A1F-948B-1A55E3AD3EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A52C1-1FBF-4730-8234-700F87D5E74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B930DF9-C425-41AF-9736-0BD611C79CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF260A0-CDD8-4EE1-B3F4-73CD02FDCD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B84F7DC-EE67-4748-8AE2-7070A6F79BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C156433-48A3-4B2E-A8DB-AF1F09B2EFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78A1CFF-F05E-429C-A9AA-935078574A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE28AD41-2287-4F2B-924C-30B66A320443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3A7AD3-D7D4-40A5-B1B6-A818B5ACE6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E31FFECA-F663-4B59-9800-1C6A8BD84626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F194D4-9425-470E-B812-CD92B5C5A68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E426811-F97D-42CE-B06D-41CDA84E1B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5F5950-C21F-4142-BA1E-E074FAF249F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC8A89-4CF3-473B-9251-9FA5FF8ADBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE6B10-84FC-4D9D-8F39-4B7000CC85AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFDA5D5-F00F-40CC-B492-C433200A491C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"matchCriteriaId": "708D6E00-A2E5-4B08-88E7-C872ACFC341D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD8EE0E-2BA3-49DD-91D1-81AB67F16475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC75E5CF-4241-45A8-AD45-1F7F077CEEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D132291B-AADD-49E3-ADD6-333E1F1D8DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADF328B-D286-4C36-9F21-11A58D55D03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D23470-A702-426D-A63C-4F7BAC158762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "750A77C5-1367-4E04-9ABF-1AB2D46C29C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1340A29-3428-4FAD-AA07-7F625915E34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA1FA19-A836-4D6A-8C2D-718ECE6866D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECEBDB0-2E0A-416B-9737-82C1FC65A06C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39B6A99-7060-4011-8FA3-E5ABE5C02813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF9E723E-1095-424E-A90D-380CA0D2795E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35380FB9-90FF-405F-8E2E-01C1DD209540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2215D655-0EA9-4530-AB68-7B1C7360D692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "020B6FED-EAE2-478C-8FF4-CB75F24E9A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE519C62-F5BB-461C-91EF-2979CD506C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F693457C-3529-4E62-A672-1B862F235D0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "La compartici\u00f3n no transparente de selectores de predicci\u00f3n de rama entre contextos en algunos procesadores Intel(R) puede permitir que un usuario autorizado permita potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"
}
],
"id": "CVE-2022-0001",
"lastModified": "2024-11-21T06:37:45.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-11T18:15:25.143",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"source": "secure@intel.com",
"url": "https://www.kb.cert.org/vuls/id/155143"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/155143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-31 16:15
Modified
2024-11-21 06:38
Severity ?
Summary
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40 | Exploit, Mailing List, Patch, Vendor Advisory | |
| secalert@redhat.com | https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40 | Exploit, Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en el kernel de Linux. Una desreferencia de puntero null en la funci\u00f3n bond_ipsec_add_sa() puede conllevar a una denegaci\u00f3n de servicio local"
}
],
"id": "CVE-2022-0286",
"lastModified": "2024-11-21T06:38:18.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-31T16:15:10.150",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-03 22:15
Modified
2024-11-21 06:36
Severity ?
Summary
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.16 | |
| linux | linux_kernel | 5.16 | |
| linux | linux_kernel | 5.16 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 35 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D692A2AE-8E9E-46AE-8670-7E1284317A25",
"versionEndExcluding": "5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:*",
"matchCriteriaId": "FF588A58-013F-4DBF-A3AB-70EC054B1892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory leak flaw in the Linux kernel\u0027s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo de p\u00e9rdida de memoria en el uso de memoria hugetlbfs del kernel de Linux en la forma en que el usuario mapea algunas regiones de memoria dos veces usando shmget() que est\u00e1n alineadas a la alineaci\u00f3n PUD con el fallo de algunas de las p\u00e1ginas de memoria. Un usuario local podr\u00eda usar este fallo para conseguir acceso no autorizado a algunos datos"
}
],
"id": "CVE-2021-4002",
"lastModified": "2024-11-21T06:36:42.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-03T22:15:08.527",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=13e4ad2ce8df6e058ef482a31fdd81c725b0f7ea"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4a118f2eead1d6c49e00765de89878288d4b890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2021/11/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-02 23:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103D9D8F-806F-4043-80C3-73831775798E",
"versionEndExcluding": "5.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFF1109-26F3-43A5-A4CB-0F169FDBC0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF71C49-ADEF-4EE2-802C-6159ADD51355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BC6E59-2134-4A28-AAD2-77C8AE236BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*",
"matchCriteriaId": "24377899-5389-4BDC-AC82-0E4186F4DE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*",
"matchCriteriaId": "23FE83DE-AE7C-4313-88E3-886110C31302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*",
"matchCriteriaId": "490B327B-AC20-419B-BB76-8AB6971304BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*",
"matchCriteriaId": "8DCE2754-7A9E-4B3B-91D1-DCF90C1BABE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA74E8B-51E2-4A7C-8A98-0583D31134A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64AB37-A1D9-4163-A51B-4C780361F1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE9C9D7-9CED-4184-A190-1024A6FB8C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*",
"matchCriteriaId": "B73D4C3C-A511-4E14-B19F-91F561ACB1B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "0C47D72C-9B6B-4E52-AF0E-56AD58E4A930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*",
"matchCriteriaId": "039C3790-5AA2-4895-AEAE-CC84A71DB907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4592238-D1F2-43D6-9BAB-2F63ECF9C965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA78068-80E9-4E49-9056-88EAB7E3682C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*",
"matchCriteriaId": "092F366C-E8B0-4BE5-B106-0B7A73B08D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7992E92-B159-4810-B895-01A9B944058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5BDD7AAB-2BF3-4E8C-BEE2-5217E2926C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en la pila SCTP de Linux. Un atacante ciego puede ser capaz de matar una asociaci\u00f3n SCTP existente mediante trozos no v\u00e1lidos si el atacante conoce las direcciones IP y los n\u00fameros de puerto que est\u00e1n siendo usados y el atacante puede enviar paquetes con direcciones IP falsas"
}
],
"id": "CVE-2021-3772",
"lastModified": "2024-11-21T06:22:23.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-02T23:15:09.127",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://ubuntu.com/security/CVE-2021-3772"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://ubuntu.com/security/CVE-2021-3772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-25 19:15
Modified
2024-11-21 06:38
Severity ?
Summary
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2042822 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c | Patch, Vendor Advisory | |
| secalert@redhat.com | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2042822 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| fedoraproject | fedora | 35 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "037A6DFB-B41D-4CC7-86C1-A201809B79C4",
"versionEndExcluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*",
"matchCriteriaId": "40D9C0D1-0F32-4A2B-9840-1072F5497540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*",
"matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*",
"matchCriteriaId": "9E9481B2-8AA6-4CBD-B5D3-C10F51FF6D01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS)."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en la funci\u00f3n sctp_make_strreset_req en el archivo net/sctp/sm_make_chunk.c en el protocolo de red SCTP en el kernel de Linux con un acceso de privilegio de usuario local. En este fallo, un intento de usar m\u00e1s b\u00fafer del asignado desencadena un problema BUG_ON, conllevando a una denegaci\u00f3n de servicio (DOS)"
}
],
"id": "CVE-2022-0322",
"lastModified": "2024-11-21T06:38:22.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-25T19:15:09.967",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-681"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-18 18:15
Modified
2024-11-21 05:46
Severity ?
Summary
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD6377A-504B-4498-B927-044687AD07F8",
"versionEndIncluding": "5.14.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "836065F6-BB90-435B-95A7-1A2EE1299D92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller:8300:*:*:*:*:*:*:*",
"matchCriteriaId": "073800FE-1C89-41B2-B6E9-A82459EF62BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:fas_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "836065F6-BB90-435B-95A7-1A2EE1299D92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:fas_baseboard_management_controller:8700:*:*:*:*:*:*:*",
"matchCriteriaId": "70F880F0-C9DC-448F-902D-C2AFDDED40BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D90857-AB13-47AF-B42A-7ADB190DB189",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_baseboard_management_controller:a400:*:*:*:*:*:*:*",
"matchCriteriaId": "2D144BC7-D837-4145-9DF8-BA5E08C8FD33",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "952F55C9-7E7C-4539-9D08-E736B3488569",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FED1B0D-F901-413A-85D9-05D4C427570D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F921BC85-568E-4B69-A3CD-CF75C76672F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un fallo en el procesamiento de los errores ICMP recibidos (fragmento ICMP necesario y redireccionamiento ICMP) en la funcionalidad del kernel de Linux que permite la capacidad de escanear r\u00e1pidamente los puertos UDP abiertos. Este fallo permite a un usuario remoto fuera de la ruta de acceso omitir efectivamente la aleatorizaci\u00f3n del puerto de origen UDP. La mayor amenaza de esta vulnerabilidad es la confidencialidad y posiblemente la integridad, porque el software que depende de la aleatorizaci\u00f3n del puerto de origen UDP tambi\u00e9n est\u00e1 afectado indirectamente"
}
],
"id": "CVE-2021-20322",
"lastModified": "2024-11-21T05:46:22.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-18T18:15:09.013",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220303-0002/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=4785305c05b25a242e5314cc821f54ade4c18810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6\u0026id=6457378fe796815c973f631a1904e147d6ee33b1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6\u0026id=67d6d681e15b578c1725bad8ad079e05d1c48a8e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6\u0026id=a00df2caffed3883c341d5685f830434312e4a43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220303-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-11 18:15
Modified
2024-11-21 06:37
Severity ?
Summary
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.openwall.com/lists/oss-security/2022/03/18/2 | Mailing List, Third Party Advisory | |
| secure@intel.com | https://security.netapp.com/advisory/ntap-20220818-0004/ | Third Party Advisory | |
| secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html | Vendor Advisory | |
| secure@intel.com | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/03/18/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220818-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E18B9E2-0659-4A50-88F6-D3D429EC5F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*",
"matchCriteriaId": "158C116D-5E24-4593-A283-F6810E424B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE5F25C-8092-4A74-B265-4BB720DA1A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3338r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C58BF4A8-2B69-49B7-9113-554D61CE9FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3436l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11C5EF68-F91F-4395-BDC6-CD3B7348C45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A33FC1CB-7983-48B9-AF3C-E3CF958B5FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF500096-2B4A-476B-BBCA-1FEE100ABC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F17C3AB-AC03-427F-B0A9-9EACD2A231C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3558r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2951F904-97AA-4AE6-B227-0A0D282369ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3558rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70C31407-B78D-4406-B3B8-49BD89E674ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4058BBB2-268F-47E6-BE5A-992C5F460BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F191949-2674-4968-90CC-030D6E8901D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6893581C-5447-4FAD-BFCB-41727FAB4CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3758r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E89FF1-C329-4975-9706-75FD84FDD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42737F96-25B8-4E3E-AED2-47FA27075A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D397ED37-60EE-49F0-95F0-2C6F666E9368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65F731F9-59EB-4161-AB8B-506BC336B987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F35B073-EA5F-4746-AB8B-674C9EAFDC3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA6C3DB-8E6D-4CF8-BD52-B362C83DF4A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6107B3F-C7FE-46EF-A80E-1A4DD55F9306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E7FA68-B62B-4EEF-B8EA-665026E1E3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D6CEE1-25DF-43C5-AEBB-49585B64236A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E2104F-0CE3-4B9D-88B3-35D982C36562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D860FEC-BA79-4FEE-A79C-88AA857358E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2CEF8A6-2445-4B63-822D-81F6AC708D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-a3930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E374730D-0311-47F5-9EE3-ECD205693167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-a3940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45765887-0882-4D33-9D32-675581C35BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-a3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2D4F4B-6DB7-414D-A41F-DA17D7C1AA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-a3960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB4891F-358E-4A6E-A3D4-C83F8E45B19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"matchCriteriaId": "454AC633-5F1C-47BB-8FA7-91A5C29A1DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2394E8C-58D9-480B-87A7-A41CD7697FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-z8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340E1684-9D34-4EE5-BE07-3F60E73CBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-z8330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34955A77-9727-40DA-8A8D-7C3959548F07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-z8350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "010EF148-6B26-4A06-BACC-E99053B477D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-z8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6225DAE1-2391-4983-B2AE-4E3697D1A636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x5-z8550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "275DC6ED-703A-4527-95CA-A0A3A28221FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89231773-9D9B-434A-A6A3-8527C4F6FEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A85EA674-2537-4323-AEDA-FA356489E7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F85599DD-3F80-4EB0-9753-D24EDD8D76CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B3348F4-8E2B-42BE-9F3A-48DFF5CE0047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F068F4F-8CCD-4218-871C-BEABEB0DAB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7313975C-41A5-4657-8758-1C16F947BE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBE4406-9979-4723-833C-176F051E6389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AC02B-D3AE-4FAF-836E-55515186A462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x7-z8700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89150484-4C7D-4FC7-A7D5-1B95F0277BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:atom_x7-z8750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA42676-1442-4692-8F2D-6A42E5E40DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39831D4E-743A-4C09-900F-24DDAB5D1B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D63F16DE-E30E-4268-B079-E07FD28355BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "936DAD12-11D6-4AAF-B48D-5076C94BF30C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F11BB81D-8243-4B19-835C-6E0B4341894A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFB5A51-399C-4AC5-BA09-E74C5AD520EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F42D5DAA-8279-4A4F-A843-EBA0814952BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "545649F6-46CA-40CB-8A00-5DD40F6A83B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D42AC70C-B114-4795-8769-D9AF12298456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DEF520D-9427-4C5A-81F0-FCED5E2A8B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B773674-1DB0-41D8-A758-2AF49F4722D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "153ABD9D-2C72-40C6-8DF9-3EB7D1D35B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4036274A-CC6F-48B2-BF2E-DF51C4148B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAF1125-B4F7-4BC9-B9DA-CA9125D4BC65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_g6900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA8490E-45D6-4B6E-AF98-B75385574D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7087FCA7-6D5C-45A5-B380-533915BC608A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85683891-11D4-47B1-834B-5E0380351E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF2D89D-AC2D-4EAB-ADF3-66C25FE54E19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D778C7-F242-4A6A-9B62-A7C578D985FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "652EC574-B9B6-4747-AE72-39D1379A596B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"matchCriteriaId": "522A9A57-B8D8-4C61-92E3-BE894A765C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A588BEB3-90B5-482E-B6C4-DC6529B0B4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826BAF04-E174-483D-8700-7FA1EAC4D555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A8BF58-1D33-484A-951C-808443912BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5884F21-BAB5-4A45-8C72-C90D07BAECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2A2AC5-FA56-49F0-BA00-E96B10FEF889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FF7ADD-9E27-4A23-9714-5B76132C20BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8771AB4-2F51-494D-8C86-3524BB4219C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D7E822D-994F-410D-B13C-939449FFC293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5576F2-4914-427C-9518-ED7D16630CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABB7C52-863F-4291-A05B-422EE9615FAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B54D15DF-53EA-4611-932A-EDB8279F582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06499DE1-DA07-4C39-BBAC-FC57F4E0D4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96D6F5D3-3559-47AD-8201-C9D34417DC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA455AC5-8434-4B59-BE89-E82CDACD2AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "406E9139-BCFF-406B-A856-57896D27B752",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAA00D4-A8AA-44AA-9609-0A40BD4FB2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64D95C-653A-4864-A572-CD0A64B6CDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30B2F570-1DD9-49C7-BB72-0EA0E9A417C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA9CBE9-CF87-495B-8D80-5DDDCD2044B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "614B1B4E-E1D7-417F-86D1-92F75D597E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD11E86-B786-43C8-9B67-8F680CC30451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D740D69-83B6-4DBF-8617-9B1E96DFF4FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB09ACB-EFFF-4C2F-BEB5-AE1EEDC1EC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B15567-BFEA-43BE-9817-98A1F5548541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "984C7C7A-2F8E-4918-8526-64A080943E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44BF0AFB-E9DC-4EA5-BFFF-48F896C655E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AFC285-2248-45E7-9009-1402628F17E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "078DAE1F-8581-44FB-83EA-575685928C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"matchCriteriaId": "887BEC29-AD0D-4BEB-B50B-F961629BBF23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93859A03-DE41-4E7B-8646-93925ACBFC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD8BD84-B6F9-48D5-8903-2C56C12EFFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877F278-641B-4F83-B420-AB4E1018EA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABF9AEE-BE1C-40EF-9E5F-6F3641BA7CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C60AF0D-983D-454E-8940-209C471DC041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F26C6DA-ED6B-444A-A63A-5155FCA4F0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66BAF09D-8199-4579-B25A-E7C5177385E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EA30AA-713F-40AD-8C94-C1129198EE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D9B687-C3EE-4AF5-B9BE-7F0698D0F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "114DF43C-839F-4066-AA30-8DC16B1D6687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A87E241-4E74-4F89-8E5A-1A3980A5DDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4325860-834E-4042-BDB2-5EB5A2D0F1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0765F36F-94F8-45BE-8AF9-3373E5E567F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-1220p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0F50A0-5F1D-4D30-B5F3-C94C44C323D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A8AC04-8182-4BF2-9FDA-B2D607222EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "082596F0-6707-4175-A9CB-868D853F7362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39FD6F9C-FEEA-4D52-8745-6477B50AFB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62BFF15A-0C78-45BC-8E71-EDF624AC162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB69A6F1-9B4D-4CDA-8388-E7FCBB2163DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71615EAF-4DF4-4B9E-BF34-6ED0371A53D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "376B6DD7-1284-4BD9-88A4-5C34303CC5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "403E8A3A-28C2-4329-BF31-1A530E317959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5F6F725-217C-48FF-86DD-E91A24156121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "365696BF-CE3D-4CE6-92A8-413DDE43774E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8515D29-3823-4F9B-9578-8BB52336A2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE048AEB-094D-4102-9DBF-488FEB53FF89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3907FA31-6F1A-45BA-ACF3-1C8EE05D9BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48D9F5F-95BD-4F6B-8A37-D1CAA7D2DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF497A0-30BC-42A4-A000-C0D564D4872A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3025301-52D3-43D7-B6AB-F3F0A5C882DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2A62F5-A8DF-4565-B89F-9C58B1FB8D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9466A6CC-8D69-4EB5-94E2-611297120462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D116C4-698B-45BC-8622-87E142B37922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36836EB0-99DD-4217-9182-1E9FC5656C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD507601-CD6D-4F11-A4A7-790FB740B401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C26205-C602-46F6-B611-424709325D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "464587A0-9EAA-4DF5-AFEB-15F2FA9CD407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1940F59A-67FD-45F9-9C78-51A50687628F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B722E2A-1262-44FD-8F7C-F9A9A5C78744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DEFF6A7-0DE2-4BEE-80DC-BBAB259647AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BCD9C35-95D0-49E6-A9AC-E3AA8CD3F7B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B40E9EC2-A8A6-4800-9F9E-B1237832D6F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "158CC66D-32E5-4396-8E5D-4D90EE9AB62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55227C1C-D6CE-40AD-A5AA-7143E0A7AEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E84F0381-296A-408E-90D4-A316EE894A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "092E3E45-5F58-412F-BAC9-C3B5290D8349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA7E6D0-0ADA-4BE1-8273-69AB3DE3BA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FCAFC0-EEE2-43E4-AE90-1803588B5689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8640175-3BC2-4C7B-A5A3-51E5677EDECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7077CBF1-1FC8-4AF9-8B39-A15871FFD3CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53D902B5-D135-4961-AED9-EA6DF06534B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2910EB49-C9C6-4FC9-AA55-E7A0DAE28B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B858B433-9DA0-4224-B94C-4962FB3A4138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6B5FC3-8E55-430A-A55A-AF541690C576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55568460-F318-48FB-90E4-55CBBAF13E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7AFF680-DBC6-432E-A6DE-E7E7E4F2F26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB84973-3DAC-4458-A817-943302F5EFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26C730-32FA-4D51-88FA-E724147147BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF7C5BF-E151-42DB-B0CF-E2589904C9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E12D6BD2-7D32-4194-84D3-A0DE4B88BFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EC487F-B9A8-410F-AE1F-8D1B74BA77D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74A47464-BB99-44BB-A1B7-D8469BEAF408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12882E19-1107-48E7-9ECD-A2891B8900D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "896688AD-84FF-4270-8F44-61764C0052B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1240p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1646C42-B42B-451F-9B9D-AEE7CF74E9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9729F36E-F830-4397-8B0E-A91BF5601F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEC0A8-69C2-4BE9-B510-5C111C6EE9BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "047CB3C6-C53C-4BA5-AB1C-5D739B30F9FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91BF3506-7257-4E37-98AC-DDF0283C1FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-1250p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65E0B274-5CFA-481E-8355-64D7BC16D871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC5B69A-022B-4F8C-BAAC-97AFBAEA9730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63684C47-972B-45A3-9234-111F25FD35B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CE6C6D-7D12-4E4F-BB76-54BF1C0A7B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A4AFFB3-6117-4BCC-BE63-814042823182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F880C0CA-815A-49D2-8BA6-F220E3E467D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC12E92-33CB-4603-AC14-3351CE1D4E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E62309E-1071-4569-8C9A-11748D629CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3E166F-3D9F-4D0D-924A-147883598EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71294A32-F3DD-45EA-A0FC-C3EA0351FA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9054F35-AAB5-481E-B512-EDF4C3F2EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A735A90-47E1-44C6-AE76-F6C7FFDCD4D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC9F52F-6669-459A-A0A9-8F472E1F2761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E91B92-4DB7-4866-8370-C6F8616D3D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85F465BF-4548-45EB-AC40-384F4E6248EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DFFFEB-CC63-4F51-8828-C5D4E0287264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B176D141-26B0-477E-B2DB-2E48D6FB82AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4FD69F-FF53-43F4-97C8-40867DB67958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD97F84B-ED73-4FFD-8634-10631FEE03EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CDC1BE-6A64-425C-AF2C-7DFB28FB604A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2243674B-E505-4FED-B063-953A1569EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1978F85-5BA5-468E-B797-7FA7EB4F489D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D3D0CA-C981-4091-99F9-203DA8F156F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB23D0C-D2BC-4E7F-94AF-CAF171A64307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CC9312B-40A7-4D4A-A61C-3BA865C29F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EBECBE5-2BF0-4175-81CC-C6D054C819B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB33CC4F-9D51-4A11-B063-6E78F0D71555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7092B8E-DD3F-440D-B2AA-F0E5FC4A9725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA491401-C484-4F77-ABF8-D389C94BF7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F8B600-B618-48E1-81EE-14A8A843F09F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ADD367-82C8-4761-AEBA-A0200C5D1CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF75C0E-BA48-4C56-8398-109D06B5A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25329A6F-9D49-4EA7-B9FB-8C2FA5343475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22921B65-513F-4ACE-80A2-4A31199BB5EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63719B1D-5A98-44E3-80D8-CF0B4C1C6F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5365D3B-1B0B-416D-ACFB-23843FD25EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2556EF0A-B29F-4E9E-BB77-955CBC851EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F5409D-23C7-4CA9-951C-8EEEAE31DFDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5601E40A-96E1-4321-9682-055A1C607488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF36D9CC-2FD8-4D08-8712-E625D4754613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3252CF19-9D1D-4A46-9C94-0E7255CDDD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C7F38-3313-4F6D-9D5D-E61C89E716B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70B0C976-3B68-4647-909A-5D574D711C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA18192E-7DBB-45BB-8568-CA7159AF8CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FDB568-5340-4DD8-B933-1CD64C370BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D28DF93B-E15D-47D3-B9C0-4AEE8B7FADD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78F2DD1D-DB6F-44D1-BE3B-C798C09CC5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104B88E7-3B8F-4C4E-AD07-CAD1DCD7898B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12ADA9A2-6E64-4F17-B369-816639F0D3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "514B7B5E-D60D-464A-8CB0-273044FD2E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB608EE-83AF-4192-93E1-7DDBA5F6A54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B807B5D8-BCDB-4398-8ADC-DBD1BD8D2B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1260p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "989B6E1C-7681-4A11-B9F4-D94C47D57BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F75A1B08-CE1F-47A5-B706-104A62861932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E458521-2BD9-4719-9F83-6ECC3BC19B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8762D1-5333-4EED-B31E-338052061237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DCFA7E-734D-4FE0-913E-74D85564ABE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF502AE-BD3F-461B-9476-FB04818DA1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "445022AC-A3CD-402E-AF44-2C1BC2B790E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF63765B-1BAE-4B53-9BA8-FDFDD2C58417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1270p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78245E2-BE22-4BD5-9252-44FF5815D7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1DF00E-1B1A-4FCA-BEEF-7D2BF9F001A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-1280p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91A093D4-A800-4F28-8480-85D62068CB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F946429E-3362-41E5-88D9-FA01BE8D4312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9EF2F2-750C-4CB7-9858-69D7FFA4EF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8580A81E-8BDE-4EB5-B830-6AA7550A25C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43756EB8-9F85-4499-99F0-43E69CA3F470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957F3AC9-D071-4932-B2C9-1643FB78BC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F41025AC-6EFE-4562-B1D1-BAB004875B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34DD3CCB-91D5-48D6-80BC-CA643385BCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB0C1DA-60C6-4C9E-99D6-7A47696DACD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2EB81B1-7DEF-4CC3-ADC9-A4CB1042E406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31CD303F-AAE9-4635-987D-742031232BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0320CB-05E3-4D5B-BCEF-D862566B0AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D48C9306-80AD-40CC-9516-E1B6F5A63556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39F9F143-0AB4-4302-82B8-B4EA790EB08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE73B0A0-E275-449D-8ADD-86AE188DE82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE06C64A-1610-4340-98CF-AC91258AB215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C27F79F3-EA0A-429C-8DA9-BC276A94AFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B07609EB-E10B-4253-938E-81566036D81B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B7AEF3-7A62-43B2-8F0C-70E5A2CDB29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC44D69-AAAB-4524-9D12-F1A606D57831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D23D2887-1246-4EA4-B8B6-57BC7FB869E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFC46D5-B23D-4513-9669-4DC53662F87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93E897C-5D7B-4532-99D9-53192A1F776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33D0D618-D738-47F5-B7F7-C7F07972C893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A147E8-0778-49CE-92EF-ED1950138528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D264277-00CB-4FCC-ADAA-38536609D0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC25725-73F6-4948-B17A-A05E8978EB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9BFA32-89B3-4E26-B980-2694B5378D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65E2A7C5-78D9-4F75-B8A2-5EB3ECEFBFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D04A37-79EE-467B-BD8A-0CA0BDD85F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FECF6BE-2CED-4510-91C5-195686C9C421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B903E2A0-EE73-4F13-AB26-8F5644462E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "170B497C-05F2-46B5-92CD-ACF7C0BE1711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF53EA8-8EB4-455C-A986-405DBB122D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6A5B34-780D-46F2-8DC8-F310F9201FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D78411-A542-48D7-B840-22290B3A98A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86AABCC6-4CA4-4A2D-9DC6-D0AD6FF99BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58A1375C-4B33-4557-9BA0-D03EAC350D86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "783F6EC3-354C-4501-9557-E1BFFC0852DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8F48DC-E327-4B3D-BA52-901D21A6412E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82004D25-6F97-4549-B98E-148E44134529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B97260E-1D7A-45B5-AD86-EBF8CA259FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58002875-D63D-4ABD-A8B7-DCAEB7E94AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC07903-D4B7-423F-9F79-7DF45E5350BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBC4FB5-7C2D-4E10-80BB-3951FFA3A6CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B32C5EE-D845-471C-85EA-DA5F9B04F01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93CC48C-DCCB-442A-98D5-3165CCFAE7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "659206BB-510A-47F8-8B6E-FD030A6BE1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3257F5-CA55-4F35-9D09-5B85253DE786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F8CEA0-1CD6-4F17-85E3-C1CB04D9833A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "655E770E-B9EE-4B08-B1EE-F393C7F68941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC47200-8F3F-4969-AABA-39F4B1E4E263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB17629-2454-478B-8E1A-AC2D2FC2233C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A28B6DE9-D383-4CA2-94D5-4C9CFF95E01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A48A2969-DC53-48E2-A5CA-4DF2B00D1960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AFFC8B-3AC1-49B4-9A73-18A3EC928591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6B51B5-96AA-44C8-9539-9D7F67143DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A263FA56-5F1F-4E91-A354-38648E130685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D24E8214-881A-4C15-A544-FB3FD5D14DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EDE72E-3734-4FB5-BC77-B7C3838D41F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07450B-D81B-474D-9150-C9D8A62D44A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E78C7A9B-7DCE-416F-909E-B3CC52AEBE9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A892B60-7FD3-41A6-9997-586B76757416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4701D592-F06C-4713-9736-19DB130B5E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E6063A-23C9-4845-B575-5D330B6C68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D50C73A4-D52E-4560-B725-61F416E18505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25570E2C-BBE9-402F-9631-FA5014767CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D59D57C2-CFB5-486E-A340-E63C7D7A8B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "998DCE68-F426-47C5-80F7-BFE42FD69DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE04ADB-3037-41E8-8DF4-8588FDFB759A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6585755-C56C-4910-A7D5-B2153396AC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D97C7A90-D8C6-4901-BCA1-E40DA173AA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A944A8C-462E-4FF9-8AD6-1687297DD0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5378FE6C-251A-4BCD-B151-EA42B594DC37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638FA431-71EA-4668-AFF2-989A4994ED12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC903FA4-2C4E-4EBB-8BFA-579844B87354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"matchCriteriaId": "667F2E6C-C2FD-4E4B-9CC4-2EF33A74F61B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF16D51-5662-47C3-8911-0FACEEDB9D80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC4430E-E4B1-454F-8C95-6412D34454C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31282347-8DCB-4B37-A853-DFD9D5AF31EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42841FAC-A6EC-44F3-9FCD-B4549A783014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:puma_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5707E22-2D01-4A48-BB2E-0C284C2B424C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E687CADE-6E49-4284-BD41-6CA2FDD846FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7540F0-7EB8-4F64-AA31-9AF3D79BEC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_d1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D94D7B29-565F-4E62-A958-27FFDDD7399E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "594DDCAB-96D4-4999-824E-7597B971B6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63650DBF-4DBD-4655-AE93-5CBE53F8E0FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00912C9C-D386-445E-B390-E96361ECDFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60B582A1-784C-4BE8-A0D5-706DE01D769E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "556637E1-9502-41E7-B91D-082C92F233A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA930BC-EF68-4AD5-AA1B-0659358028D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8EA870-2228-4E81-A417-30E040A5C0E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656D31B6-1E8D-4A44-9D7A-023051E7050A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49EEE5AA-3867-4137-B165-5004C34C77B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A38417-1DB2-4C85-80D9-D3968BF7A83B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F74E9E4-F84C-4B7F-8A42-20EEC60986DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74F99F83-A7E6-4AFD-BC42-7348EF6613AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A62A9F4-2B98-4F2D-9143-08D1689E38AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FD06CB-F456-44BD-900B-06131DC68B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9044310E-4DF9-47BA-9D05-C1405DC8CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA881CDA-1C16-43F1-A7D5-69502512A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA109ED-BC4D-4F70-81B2-3CE0E2B3D9DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "070C20AB-66F2-4EE2-8134-5E40DBB9B9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA49CF7-C6BE-4337-A0A8-A603D8955EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8F7F6B-847A-479D-B6B1-BBA331D06DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C375A9D-C7CE-49A6-B08D-9CAB22E16D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8D06DC-6B8A-4B7B-BB3E-778D432CFEF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E06531E6-126A-4FBB-BEBB-F9023C4738F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93B8CDF0-1489-4E4C-B004-A22E06FC10D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ACF161-472E-4088-85C2-5940C9C88D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0B94F6-EC15-4C12-8BA5-CC6602A7A725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "067C65E5-5392-4DAF-A6BD-640D78C19CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1647DAC-CED6-4DAF-8F82-A42D6D691DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D93CC498-F558-4C2F-9E14-7897060CA9FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6839AE9B-9A8A-4312-80FC-0549C675A815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E0E7358-1EC1-43DA-99B3-A2D6D57E0121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43808CCF-1EF0-41CE-983D-DD6BB775895E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C5D3DE-5506-4F16-B7F9-5032A1277D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED598260-2A9B-46F7-AA85-0DA97DA0D42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06F1CFD2-8F32-4CE8-9D9B-C65B332775B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD98889-58A1-4A5A-B79A-B2DA9EDA63DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BF1F73B-4736-40BC-9053-951B5BF1059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA47606-176C-4F6B-A316-4C536B63FA4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76D48CFC-1322-4C53-8B53-88E7ACC724BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6456D0-32AE-44A9-9F63-AD64B5E49182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38EA99F9-22C2-47ED-9DDD-928E19C4C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8867B2-F297-4D30-AD43-77B0F67FAE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178345A5-9A38-4C8F-B3BB-430276FA4998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831A7D63-4638-480C-94CB-ED06613BA75C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178D9E36-79EC-4672-8E46-0FD6597CA1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EED0D492-ADAB-41ED-A283-024D3CED441F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BBB5A97-EA4F-454C-819C-DE1CE7018E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9733E69-E7CF-444C-B72C-AC8E5DEF2449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD24563-9157-4DE1-95ED-D4E3E879219E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F83F8602-6679-4B3C-BBDD-3BDB2B317F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD3E45C-1943-42BA-9F6D-EA64D67BF954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7B4C84-1258-4F2F-B8A3-55353B3D13BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B27F755-4C38-4469-8A9D-C9266BDA53ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E21977E-7085-46C5-8E89-F952C2EBCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB72D13B-5880-4CB2-8E80-CB6A39B5A302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02BCB7D2-4B68-4FF8-BFC9-06C39A708C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF31FBF-20FB-4B8A-ADE1-E29BB8B8A702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF7298E-BC07-4C42-8F9C-C3B0CDFC86C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8292CC-DACB-489A-BCB2-73DC2C6F944C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D83AEDF-2671-4278-8088-BA517192AB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF72F37A-2F28-40E6-A84B-0E1DF63B1812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1742C-96CC-4BCA-928E-D6B53ED2DB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAE9CE6-DA95-40B0-AE65-656FA4603D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0B5C3-633D-4F2A-8D56-8FA83F1B581C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5241B3E0-F968-4B16-8BF8-191C6F7B224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFB52DD-5B7D-45BA-B249-A134D1B9EBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FC910-F3AB-42BF-9740-EC09F0AC179D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAE2B11-B0F5-415F-BD6B-E285EF9C9095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA58EFB-7672-4902-ABC1-65217AA617AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E2764D-7D6A-4CE0-A628-FFE966A6462F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D66D18C-17F2-4259-B1D8-7C63797A024C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25C8DFB5-9D8B-4370-849A-DC061910E54F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B704835-1250-44E1-923C-5DE2F4DD25D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D9572-8D03-4D54-B0E1-C0A3F3F90FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3CA224-B5DE-4451-9CF9-929ABEA242EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3D8E340-AE91-4F29-9F22-E0CE6718FC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "710DBCD5-788D-4140-AC16-EC6E126CFA66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A767EC83-AAED-4FEA-A35E-A503369FE4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1ACDED-85B4-4A11-BD03-8E1B9563B7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C4A47D-7F66-4ACC-9C69-0A355D46CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20821868-F7D2-4132-8D63-98E1089DB46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB9295A-8832-4670-B268-FBD0BC086447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489BD4AC-50C6-422B-A2B2-00A70E611114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5694238-F4E5-4689-ADD2-67C25762ED92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A57D44C0-AA8D-46B0-8923-ADB312E3937F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A551BBB-76CD-4C26-913F-B02C66E5D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4A44F2-68BF-4709-946B-C976DA3A9C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*",
"matchCriteriaId": "038AC553-5523-4687-843D-6FEA7264EDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE5D09C-3272-4810-9F41-97BDBBFE4160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C5122F-D822-4E71-A417-88EB51F1786B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14C3438-B876-45B9-85F5-61354207AF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94A6DA7A-7C97-40E1-B31A-B92BB658C429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54AF128B-9984-4C91-B7F6-968DE376C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28B167F1-63FA-4C86-84AB-836ABF84E6E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "955420F9-3A3F-40E0-9940-DD43C5C78D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4A437C-6C00-4729-91CC-D27EB3542633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74ED727D-B1A9-4F4B-92C7-3F00F3A80013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2C24951-B3FA-48E6-AFAC-6CA0D2348230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*",
"matchCriteriaId": "185E8FBC-9EE9-472E-867B-0B0DEEECA13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3C00A0-C28A-46EB-853D-DAE3819399D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0951DB50-AC8E-4C17-A2A9-DD4A198C4DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CAB607-87B2-49F4-9FAB-662D5EA3D11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C504C3-7EEE-4A0F-8589-19C1E806E690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5230F6AF-88CB-4EE2-B292-8B9A7217D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B45C39D-03E8-46C1-88DD-94E382F4A961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2DC691-025A-441E-AAC2-C8583F54733D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FB7EE6-6808-4879-A0A3-E85FE5CB37CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE07EA7-4CDF-4038-A948-6AC126C7F6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A2241C-37AE-41AE-A8D1-D9AB18CCE16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB6DEAA1-3209-4B49-B931-43E8C1C5BE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE086F8-5C8B-4F0C-B53A-76BD4E67B678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00B21B5C-0FDE-4A8E-A9FC-5CF822A74B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB15368B-21A1-429E-8B9C-A095C4E8BA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA925F96-6DDD-4F71-BF13-710C8A89D860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E41414A-6B0B-4511-A9A1-7FF99DD25DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91EB66B4-8F1B-4F35-9371-17FB761997CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDFD1AF-2716-4C95-ADFF-79EFA915C286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5390A12B-80BD-4889-BF0F-95E65D10D037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D6444A-B9CF-4D70-A8A9-E6B57B6F13DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05637A96-AF09-4FF5-A918-AB369AA2D1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33FA0279-D587-471E-8EC0-211F78DA4DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CC27DB-11D4-412A-BC69-CF32A0CABCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FE9694-F0E7-4B45-82A1-065DA96B9794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC93757-5FD7-403D-B5ED-CC8793002352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7019D4-58E0-4B73-93B8-D3B0E86BF2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF8D8C4-29EA-4D09-87AB-A570403BA0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89421EC5-52E5-441F-AD3B-5C5E964F836D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA909754-B60A-4B30-AF42-4C8734E155AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEFB056-0872-434B-9630-28A1AAEAD470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21A62CB9-FB01-45CB-9E10-E72D87C0E1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8EBFCC-AD76-4285-93BD-D14219C6EA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FF7E334-6DC7-44B5-A102-649A68300C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B4F7FE-61A3-417A-BAA9-E686A76F3A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE4C87E-CB23-4804-9BBD-2533C5E1D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7305838B-84CA-4BB8-A350-B2D2844F1041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D356D196-8AB0-4387-A644-C5E68174A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89587A92-6234-40C3-83DB-F72319FFBC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F50C03E-CBEB-4738-BDF4-DC296CE9DFA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB267830-FA6E-4C2E-8BBE-C3DA12A6A33D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D557D68C-8279-4BFD-9EA6-17A83754B8FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ECA0BC9-1CA4-4B95-B98F-9098B2550309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1298CF87-124D-450B-928D-F39CCA2BAF42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF12820F-A2BE-44BF-A85D-7F4623898DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A473FF-F3AD-41F5-B63A-3D6DDB0BD216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "853DE44A-84C9-4959-865F-D538DF895647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13326C69-C160-482F-BF28-5425B57BE738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F15EF0E-37CF-4944-8B6B-A82B4348CDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92D12220-840B-4397-889C-9649F34B7E25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB926B2-077B-4752-80EC-D39446115FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C1D750-1FE9-40F8-BCB9-77D13C13906C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07040D2-2ADC-4CC4-860F-74A7C64FD6FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D2ED18E-241E-4154-9793-FB0E60F9C00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D59D80E8-5A2C-402F-8AE3-766ECEDA14F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F66D2E5-BD5B-406D-82A0-4E1E32EDC337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "557E240A-6760-434E-9C3A-1E5E9129912D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7565F3-5D41-4A1F-948B-1A55E3AD3EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C71A52C1-1FBF-4730-8234-700F87D5E74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B930DF9-C425-41AF-9736-0BD611C79CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF260A0-CDD8-4EE1-B3F4-73CD02FDCD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B84F7DC-EE67-4748-8AE2-7070A6F79BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C156433-48A3-4B2E-A8DB-AF1F09B2EFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78A1CFF-F05E-429C-A9AA-935078574A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE28AD41-2287-4F2B-924C-30B66A320443",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3A7AD3-D7D4-40A5-B1B6-A818B5ACE6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E31FFECA-F663-4B59-9800-1C6A8BD84626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F194D4-9425-470E-B812-CD92B5C5A68A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E426811-F97D-42CE-B06D-41CDA84E1B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5F5950-C21F-4142-BA1E-E074FAF249F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC8A89-4CF3-473B-9251-9FA5FF8ADBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30EE6B10-84FC-4D9D-8F39-4B7000CC85AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFDA5D5-F00F-40CC-B492-C433200A491C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"matchCriteriaId": "708D6E00-A2E5-4B08-88E7-C872ACFC341D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD8EE0E-2BA3-49DD-91D1-81AB67F16475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC75E5CF-4241-45A8-AD45-1F7F077CEEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D132291B-AADD-49E3-ADD6-333E1F1D8DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADF328B-D286-4C36-9F21-11A58D55D03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D23470-A702-426D-A63C-4F7BAC158762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "750A77C5-1367-4E04-9ABF-1AB2D46C29C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1340A29-3428-4FAD-AA07-7F625915E34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA1FA19-A836-4D6A-8C2D-718ECE6866D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECEBDB0-2E0A-416B-9737-82C1FC65A06C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C39B6A99-7060-4011-8FA3-E5ABE5C02813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF9E723E-1095-424E-A90D-380CA0D2795E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35380FB9-90FF-405F-8E2E-01C1DD209540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2215D655-0EA9-4530-AB68-7B1C7360D692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "020B6FED-EAE2-478C-8FF4-CB75F24E9A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE519C62-F5BB-461C-91EF-2979CD506C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F693457C-3529-4E62-A672-1B862F235D0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
},
{
"lang": "es",
"value": "La compartici\u00f3n no transparente de selectores de predicci\u00f3n de rama dentro de un contexto en algunos procesadores Intel(R) puede permitir que un usuario autorizado permita potencialmente una divulgaci\u00f3n de informaci\u00f3n por medio del acceso local"
}
],
"id": "CVE-2022-0002",
"lastModified": "2024-11-21T06:37:45.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-11T18:15:25.373",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/18/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220818-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:52
Severity ?
Summary
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| debian | debian_linux | 11.0 | |
| netapp | h300e | - | |
| netapp | h300s | - | |
| netapp | h410c | - | |
| netapp | h410s | - | |
| netapp | h500e | - | |
| netapp | h500s | - | |
| netapp | h700e | - | |
| netapp | h700s | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EC14C1-75C4-4ECD-94D3-EB9151F1007E",
"versionEndExcluding": "5.4.182",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A95B717-3110-4D4F-B8FC-373919BB514D",
"versionEndExcluding": "5.10.103",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B",
"versionEndExcluding": "5.15.26",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698",
"versionEndExcluding": "5.16.12",
"versionStartIncluding": "5.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload."
},
{
"lang": "es",
"value": "El archivo net/netfilter/nf_dup_netdev.c en el kernel de Linux versiones 5.4 hasta 5.6.10, permite a usuarios locales alcanzar privilegios debido a una escritura fuera de los l\u00edmites de la pila. Esto est\u00e1 relacionado con nf_tables_offload"
}
],
"id": "CVE-2022-25636",
"lastModified": "2024-11-21T06:52:29.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-24T15:15:31.993",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/22/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Bonfee/CVE-2022-25636"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5095"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/02/21/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/22/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/Bonfee/CVE-2022-25636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/02/21/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-30 12:15
Modified
2024-11-21 06:40
Severity ?
Summary
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vim | vim | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2771F51-99CD-4914-9DBB-55E53B495B93",
"versionEndExcluding": "8.2.4646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646."
},
{
"lang": "es",
"value": "Un uso de memoria previamente liberada en utf_ptr2char en el repositorio de GitHub vim/vim versiones anteriores a 8.2"
}
],
"id": "CVE-2022-1154",
"lastModified": "2024-11-21T06:40:08.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "security@huntr.dev",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-30T12:15:07.943",
"references": [
{
"source": "security@huntr.dev",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5"
},
{
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"
},
{
"source": "security@huntr.dev",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
},
{
"source": "security@huntr.dev",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/"
},
{
"source": "security@huntr.dev",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"source": "security@huntr.dev",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"source": "security@huntr.dev",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C2CQXRLBIC4S7JQVEIN5QXKQPYWB5E3J/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@huntr.dev",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "security@huntr.dev",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-25 19:15
Modified
2024-11-21 06:37
Severity ?
Summary
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| linux | linux_kernel | 5.15 | |
| netapp | active_iq_unified_manager | - | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | element_software | - | |
| netapp | hci_management_node | - | |
| netapp | solidfire | - | |
| netapp | bootstrap_os | - | |
| netapp | hci_compute_node | - | |
| netapp | a700s_firmware | - | |
| netapp | a700s | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "037A6DFB-B41D-4CC7-86C1-A201809B79C4",
"versionEndExcluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*",
"matchCriteriaId": "40D9C0D1-0F32-4A2B-9840-1072F5497540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C5DA53D-744B-4087-AEA9-257F18949E4D",
"versionEndIncluding": "11.70.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7DA42F-5D64-4967-A2D4-6210FE507841",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de lectura de uso de memoria previamente liberada en la funci\u00f3n sock_getsockopt() en el archivo net/core/sock.c debido a la carrera de SO_PEERCRED y SO_PEERGROUPS con listen() (y connect()) en el kernel de Linux. En este fallo, un atacante con privilegios de usuario puede bloquear el sistema o filtrar informaci\u00f3n interna del kernel"
}
],
"id": "CVE-2021-4203",
"lastModified": "2024-11-21T06:37:08.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-25T19:15:09.833",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"source": "secalert@redhat.com",
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221111-0003/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2230\u0026can=7\u0026q=modified-after%3Atoday-30\u0026sort=-modified\u0026colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary%20Modified%20Cve\u0026cells=tiles\u0026redir=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lore.kernel.org/netdev/20210929225750.2548112-1-eric.dumazet%40gmail.com/T/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221111-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-04 16:15
Modified
2024-11-21 06:22
Severity ?
Summary
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "037A6DFB-B41D-4CC7-86C1-A201809B79C4",
"versionEndExcluding": "5.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*",
"matchCriteriaId": "40D9C0D1-0F32-4A2B-9840-1072F5497540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:build_of_quarkus:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D2076F4-560A-4A96-A6E7-EA45037194DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93A089E2-D66E-455C-969A-3140D991BAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE16CC2-C6B4-4B73-98A1-F28475A92F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F48D0CB-CB06-4456-B918-6549BC6C7892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "845B853C-8F99-4987-AA8E-76078CE6A977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60937D60-6B78-400F-8D30-7FCF328659A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF5C4AC-CA69-41E3-AD93-7AC21931374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "729C515E-1DD3-466D-A50B-AFE058FFC94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4023C74B-8CB5-4351-A645-DBFD8BDBFD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CB3640-F55B-4127-875A-2F52D873D179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5DE3C5-B090-4CE7-9AF2-DEB379D7D5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DFE17EF-9FAB-4C79-A778-22923413C015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7614E5D3-4643-4CAE-9578-9BB9D558211F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de p\u00e9rdida de memoria en el kernel de Linux en la funci\u00f3n ccp_run_aes_gcm_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c, que permite a atacantes causar una denegaci\u00f3n de servicio (consumo de memoria). Esta vulnerabilidad es similar a la anterior CVE-2019-18808"
}
],
"id": "CVE-2021-3744",
"lastModified": "2024-11-21T06:22:19.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-04T16:15:08.817",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2021/q3/164"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://seclists.org/oss-sec/2021/q3/164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-20 04:15
Modified
2024-11-21 05:33
Severity ?
Summary
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | vios | 3.1.0 | |
| ibm | vios | 3.1.1 | |
| ibm | vios | 3.1.2 | |
| ibm | aix | 7.1.0 | |
| ibm | aix | 7.1.5 | |
| ibm | aix | 7.2.0 | |
| ibm | aix | 7.2.3 | |
| ibm | aix | 7.2.4 | |
| ibm | aix | 7.2.5 | |
| ibm | power9 | - | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:vios:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3939ADB4-5177-45C2-9C29-932E81D27F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B809C4C8-2FE4-4DB6-8975-4259FF705D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:vios:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4149DA62-D7FA-4431-8139-419AAB6EE744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1C208E-967A-40B1-AD9D-AFBA78D3C317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48F204DE-2F8F-4854-A127-9CF20F3CEC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE65FF3-C4F6-4BAF-85D3-CA86D16E8B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8D4C29-833C-4467-B06A-D8067AAEF3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "984D9159-2FF2-4D1E-94F7-CC207C04F125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB863845-F3F4-46AD-B686-F9B6B7EF3607",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:power9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA7D79D-5032-41BC-BC5C-1029BD551FAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296."
},
{
"lang": "es",
"value": "Los procesadores IBM Power9 (AIX versiones 7.1, 7.2 y VIOS versi\u00f3n 3.1), podr\u00edan permitir a un usuario local obtener informaci\u00f3n confidencial de los datos en la cach\u00e9 L1 en circunstancias atenuantes. IBM X-Force ID: 189296"
}
],
"id": "CVE-2020-4788",
"lastModified": "2024-11-21T05:33:15.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6,
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-20T04:15:11.063",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/20/3"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/1"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6370729"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/20/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/11/23/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/189296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6370729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD89F539-A702-48B0-BFD3-7AC4E4A0A41C",
"versionEndExcluding": "5.13.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EBD848-26BA-4EF6-81C8-83B6DFFC75DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05BEB6DA-10B8-43D8-A527-68E26F4875CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5753F36-9BB4-47FF-806C-D1C77E8AD0F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA68733C-FB68-4230-B237-C99AC979AD90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299AD352-A486-44A7-8507-FB3C3311BB37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:fabric-attached_storage_8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E89C80-A70B-48A3-A076-D9F031C25D1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0F881B-5A23-42F7-8A6B-02BDD10A74DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "049791FD-C7CE-43E0-8B7B-363B49B40D4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE584D20-5B46-42B9-B87D-5F4771CED73F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:fabric-attached_storage_8700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF9B5939-68D6-47E1-AFCA-F709F46136C6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56FD9B9A-BBE5-4CA5-B9F9-B16E1FE738C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3E70A56-DBA8-45C7-8C49-1A036501156F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:fabric-attached_storage_a400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA5679F-B7F4-482B-92B3-52121124829F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:fabric-attached_storage_a400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02F063AC-FC82-45E4-A977-243FB3569904",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F921BC85-568E-4B69-A3CD-CF75C76672F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn\u0027t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses."
},
{
"lang": "es",
"value": "En la implementaci\u00f3n de IPv6 en el kernel de Linux versiones anteriores a 5.13.3, el archivo net/ipv6/output_core.c presenta un filtrado de informaci\u00f3n debido a determinado uso de una tabla hash que, aunque es grande, no considera apropiadamente que atacantes basados en IPv6 pueden elegir t\u00edpicamente entre muchas direcciones de origen IPv6"
}
],
"id": "CVE-2021-45485",
"lastModified": "2024-11-21T06:32:18.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.667",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220121-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-18 15:15
Modified
2024-11-21 05:48
Severity ?
Summary
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243 | Exploit, Third Party Advisory | |
| talos-cna@cisco.com | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 5.4.54 | |
| linux | linux_kernel | 5.4.66 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.4.54:*:*:*:*:*:*:*",
"matchCriteriaId": "633D05FD-ACF8-49D1-BEEB-E93D7C0EB258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.4.66:*:*:*:*:*:*:*",
"matchCriteriaId": "08CD832A-636A-4BF7-B1D2-2D244AEACDD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process\u2019s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11"
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en la funcionalidad ARM SIGPAGE del Kernel de Linux versiones v5.4.66 y v5.4.54. La \u00faltima versi\u00f3n (5.11-rc4) parece seguir siendo vulnerable. Una aplicaci\u00f3n de userland puede leer el contenido de la sigpage, que puede filtrar el contenido de la memoria del kernel. Un atacante puede leer la memoria de un proceso en un desplazamiento espec\u00edfico para desencadenar esta vulnerabilidad. Esto fue corregido en las versiones del kernel: 4.14.222 4.19.177 5.4.99 5.10.17 5.11"
}
],
"id": "CVE-2021-21781",
"lastModified": "2024-11-21T05:48:57.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-18T15:15:07.733",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-25 02:15
Modified
2024-11-21 06:32
Severity ?
Summary
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02E3EF5C-8618-4945-A6A6-D7C1A416754F",
"versionEndExcluding": "5.12.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small."
},
{
"lang": "es",
"value": "En la implementaci\u00f3n de IPv4 en el kernel de Linux versiones anteriores a 5.12.4, el archivo net/ipv4/route.c presenta un filtrado de informaci\u00f3n porque la tabla hash es muy peque\u00f1a"
}
],
"id": "CVE-2021-45486",
"lastModified": "2024-11-21T06:32:18.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-25T02:15:06.710",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/2112.09604.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-18 17:15
Modified
2024-11-21 06:36
Severity ?
Summary
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.16 | |
| linux | linux_kernel | 5.16 | |
| linux | linux_kernel | 5.16 | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| netapp | hci_management_node | - | |
| netapp | solidfire | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8453AEE-C6A3-45F8-875D-63F8D19E16F8",
"versionEndExcluding": "4.4.294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7F6C04-42D3-48A3-892D-2487383B9B6E",
"versionEndExcluding": "4.9.292",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7080D941-9847-42F5-BA50-0A03CFB61FD1",
"versionEndExcluding": "4.14.257",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE5D9F3-CF1C-4DE8-9116-2EBE7BDEF7FD",
"versionEndExcluding": "4.19.220",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D8DC10-1823-4334-BD0F-C1B620602FF9",
"versionEndExcluding": "5.4.164",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26973DED-ABFE-45EA-98B6-628224CBB724",
"versionEndExcluding": "5.10.84",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A696A60B-2782-4119-83DD-1EFFBC903F02",
"versionEndExcluding": "5.15.7",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A read-after-free memory flaw was found in the Linux kernel\u0027s garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo de lectura de memoria previamente liberada en la recolecci\u00f3n de basura del kernel de Linux para los manejadores de archivos de socket de dominio Unix en la forma en que los usuarios llaman a close() y fget() simult\u00e1neamente y puede potencialmente desencadenar una condici\u00f3n de carrera. Este fallo permite a un usuario local bloquear el sistema o escalar sus privilegios en el sistema. Este fallo afecta a las versiones del kernel de Linux anteriores a la 5.16-rc4"
}
],
"id": "CVE-2021-4083",
"lastModified": "2024-11-21T06:36:52.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-18T17:15:09.403",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220217-0005/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220217-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-13 18:15
Modified
2024-11-21 06:29
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Summary
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lxml | lxml | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| netapp | solidfire | - | |
| netapp | solidfire_enterprise_sds | - | |
| netapp | hci_storage_node_firmware | - | |
| netapp | hci_storage_node | - | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_exposure_function | 22.1.1 | |
| oracle | communications_cloud_native_core_policy | 22.2.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE4409E-D026-41BB-B57D-65DCE636B964",
"versionEndExcluding": "4.6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D18075A-E8D6-48B8-A7FA-54E336A434A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_storage_node_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC4299D-05D3-4875-BC79-C3DC02C88ECE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02DEB4FB-A21D-4CB1-B522-EEE5093E8521",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9955F62A-75D3-4347-9AD3-5947FC365838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6D77C7-A2F4-4700-AB5A-3EC853496ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available."
},
{
"lang": "es",
"value": "lxml es una biblioteca para procesar XML y HTML en el lenguaje Python. En versiones anteriores a 4.6.5, el limpiador de HTML en lxml.html dejaba pasar determinado contenido de scripts manipulados, as\u00ed como contenido de scripts en archivos SVG insertados usando URIs de datos. Los usuarios que empleen el limpiador de HTML en un contexto relevante para la seguridad deben actualizar a lxml versi\u00f3n 4.6.5 para recibir un parche. No se presentan soluciones conocidas disponibles"
}
],
"id": "CVE-2021-43818",
"lastModified": "2024-11-21T06:29:51.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-13T18:15:08.387",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/"
},
{
"source": "security-advisories@github.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-06"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220107-0005/"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5043"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220107-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}