Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-789
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service, une élévation de priviliège et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Ubuntu 16.04 ESM", "product": { "name": "Ubuntu", "vendor": { "name": "Ubuntu", "scada": false } } }, { "description": "Ubuntu 18.04 LTS", "product": { "name": "Ubuntu", "vendor": { "name": "Ubuntu", "scada": false } } }, { "description": "Ubuntu 20.04 LTS", "product": { "name": "Ubuntu", "vendor": { "name": "Ubuntu", "scada": false } } }, { "description": "Ubuntu 14.04 ESM", "product": { "name": "Ubuntu", "vendor": { "name": "Ubuntu", "scada": false } } }, { "description": "Ubuntu 22.04 LTS", "product": { "name": "Ubuntu", "vendor": { "name": "Ubuntu", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2021-33656", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33656" }, { "name": "CVE-2021-33061", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33061" }, { "name": "CVE-2022-1943", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1943" }, { "name": "CVE-2022-1012", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1012" }, { "name": "CVE-2022-2873", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2873" }, { "name": "CVE-2022-2959", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2959" }, { "name": "CVE-2022-1729", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1729" }, { "name": "CVE-2022-1852", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1852" }, { "name": "CVE-2022-1973", "url": "https://www.cve.org/CVERecord?id=CVE-2022-1973" }, { "name": "CVE-2022-2503", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2503" } ], "initial_release_date": "2022-09-02T00:00:00", "last_revision_date": "2022-09-02T00:00:00", "links": [ { "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 01 sept. 2022", "url": "https://ubuntu.com/security/notices/USN-5591-3" }, { "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 01 sept. 2022", "url": "https://ubuntu.com/security/notices/USN-5591-2" }, { "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 02 sept. 2022", "url": "https://ubuntu.com/security/notices/USN-5592-1" }, { "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 31 ao\u00fbt 2022", "url": "https://ubuntu.com/security/notices/USN-5591-1" }, { "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 31 ao\u00fbt 2022", "url": "https://ubuntu.com/security/notices/USN-5594-1" } ], "reference": "CERTFR-2022-AVI-789", "revisions": [ { "description": "Version initiale", "revision_date": "2022-09-02T00:00:00.000000" } ], "risks": [ { "description": "Ex\u00e9cution de code arbitraire" }, { "description": "D\u00e9ni de service" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" }, { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice, une \u00e9l\u00e9vation de privili\u00e8ge et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5591-1 du 31 ao\u00fbt 2022", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5592-1 du 02 sept. 2022", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5591-2 du 01 sept. 2022", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5591-3 du 01 sept. 2022", "url": null }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-5594-1 du 31 ao\u00fbt 2022", "url": null } ] }
CVE-2022-1943 (GCVE-0-2022-1943)
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.781Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1ad35dd0548ce947d97aaf92f7f2f9a202951cf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel 5.18-rc7" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1ad35dd0548ce947d97aaf92f7f2f9a202951cf" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1943", "datePublished": "2022-06-01T00:00:00", "dateReserved": "2022-05-30T00:00:00", "dateUpdated": "2024-08-03T00:24:43.781Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-33656 (GCVE-0-2021-33656)
Vulnerability from cvelistv5
Published
2022-07-18 14:44
Modified
2024-08-03 23:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.
References
URL | Tags | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | openEuler:kernel |
Version: <5.10.127 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:58:21.558Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel" }, { "name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/3" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "openEuler:kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "\u003c5.10.127" } ] } ], "descriptions": [ { "lang": "en", "value": "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-02T18:06:13", "orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "shortName": "openEuler" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel" }, { "name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/3" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "securities@openeuler.org", "ID": "CVE-2021-33656", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "openEuler:kernel", "version": { "version_data": [ { "version_value": "\u003c5.10.127" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-787 Out-of-bounds Write" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch", "refsource": "MISC", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/releases/5.10.127/vt-drop-old-font-ioctls.patch" }, { "name": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel", "refsource": "MISC", "url": "https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-33656\u0026packageName=kernel" }, { "name": "[oss-security] 20220719 CVE-2021-33656: Linux kernel: When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.(\u003c5.10.127)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/07/19/3" }, { "name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2", "assignerShortName": "openEuler", "cveId": "CVE-2021-33656", "datePublished": "2022-07-18T14:44:28", "dateReserved": "2021-05-28T00:00:00", "dateUpdated": "2024-08-03T23:58:21.558Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1973 (GCVE-0-2022-1973)
Vulnerability from cvelistv5
Published
2022-08-05 00:00
Modified
2024-08-03 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:24:43.660Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092542" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230120-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.19 rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak problem." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "CWE-416", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-20T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092542" }, { "url": "https://security.netapp.com/advisory/ntap-20230120-0001/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1973", "datePublished": "2022-08-05T00:00:00", "dateReserved": "2022-06-01T00:00:00", "dateUpdated": "2024-08-03T00:24:43.660Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-2959 (GCVE-0-2022-2959)
Vulnerability from cvelistv5
Published
2022-08-25 00:00
Modified
2024-08-03 00:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:53:00.487Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1165/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/189b0ddc245139af81198d1a3637cac74f96e13a" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230214-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in kernel 5.19" } ] } ], "descriptions": [ { "lang": "en", "value": "A race condition was found in the Linux kernel\u0027s watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-667", "description": "CWE-667", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1165/" }, { "url": "https://github.com/torvalds/linux/commit/189b0ddc245139af81198d1a3637cac74f96e13a" }, { "url": "https://security.netapp.com/advisory/ntap-20230214-0005/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2959", "datePublished": "2022-08-25T00:00:00", "dateReserved": "2022-08-23T00:00:00", "dateUpdated": "2024-08-03T00:53:00.487Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-33061 (GCVE-0-2021-33061)
Vulnerability from cvelistv5
Published
2022-02-09 22:04
Modified
2025-05-05 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- denial of service
Summary
Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | Intel(R) 82599 Ethernet Controllers and Adapters |
Version: See references |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:42:19.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-33061", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T13:21:33.110089Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "NVD-CWE-Other", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-05T16:52:43.248Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Intel(R) 82599 Ethernet Controllers and Adapters", "vendor": "n/a", "versions": [ { "status": "affected", "version": "See references" } ] } ], "descriptions": [ { "lang": "en", "value": "Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access." } ], "problemTypes": [ { "descriptions": [ { "description": " denial of service ", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-10T09:07:37.000Z", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220210-0010/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secure@intel.com", "ID": "CVE-2021-33061", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Intel(R) 82599 Ethernet Controllers and Adapters", "version": { "version_data": [ { "version_value": "See references" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": " denial of service " } ] } ] }, "references": { "reference_data": [ { "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00571.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220210-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220210-0010/" } ] } } } }, "cveMetadata": { "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2021-33061", "datePublished": "2022-02-09T22:04:34.000Z", "dateReserved": "2021-05-18T00:00:00.000Z", "dateUpdated": "2025-05-05T16:52:43.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-2873 (GCVE-0-2022-2873)
Vulnerability from cvelistv5
Published
2022-08-22 00:00
Modified
2024-08-03 00:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:52:59.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230120-0001/" }, { "name": "DSA-5324", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5324" }, { "name": "[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html" }, { "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel 5.19-rc8" } ] } ], "descriptions": [ { "lang": "en", "value": "An out-of-bounds memory access flaw was found in the Linux kernel Intel\u2019s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-131", "description": "CWE-131", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-03T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/" }, { "url": "https://security.netapp.com/advisory/ntap-20230120-0001/" }, { "name": "DSA-5324", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5324" }, { "name": "[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html" }, { "name": "[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2873", "datePublished": "2022-08-22T00:00:00", "dateReserved": "2022-08-17T00:00:00", "dateUpdated": "2024-08-03T00:52:59.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1852 (GCVE-0-2022-1852)
Vulnerability from cvelistv5
Published
2022-06-30 12:42
Modified
2024-08-03 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.
References
URL | Tags | |||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:17:00.872Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089815" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.19 rc1" } ] } ], "descriptions": [ { "lang": "en", "value": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-05T16:45:50", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089815" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1852", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.19 rc1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A NULL pointer dereference flaw was found in the Linux kernel\u2019s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-476" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2089815", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089815" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1852", "datePublished": "2022-06-30T12:42:20", "dateReserved": "2022-05-24T00:00:00", "dateUpdated": "2024-08-03T00:17:00.872Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1729 (GCVE-0-2022-1729)
Vulnerability from cvelistv5
Published
2022-09-01 00:00
Modified
2024-08-03 00:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | linux kernel |
Version: linux kernel 5.18 rc9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:16:58.917Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2022/05/20/2" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230214-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "linux kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "linux kernel 5.18 rc9" } ] } ], "descriptions": [ { "lang": "en", "value": "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-366", "description": "CWE-366", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704" }, { "url": "https://www.openwall.com/lists/oss-security/2022/05/20/2" }, { "url": "https://security.netapp.com/advisory/ntap-20230214-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1729", "datePublished": "2022-09-01T00:00:00", "dateReserved": "2022-05-16T00:00:00", "dateUpdated": "2024-08-03T00:16:58.917Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-2503 (GCVE-0-2022-2503)
Vulnerability from cvelistv5
Published
2022-08-12 00:00
Modified
2025-04-21 13:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-302 - Authentication Bypass by Assumed-Immutable Data
Summary
Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Linux Kernel | Linux Kernel |
Version: unspecified < 4caae58406f8ceb741603eee460d79bacca9b1b5 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:07.939Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/google/security-research/security/advisories/GHSA-6vq3-w69p-w63m" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230214-0005/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-2503", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-21T13:39:52.291093Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-21T13:50:47.533Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Linux Kernel", "vendor": "Linux Kernel", "versions": [ { "lessThan": "4caae58406f8ceb741603eee460d79bacca9b1b5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates. We recommend upgrading past commit 4caae58406f8ceb741603eee460d79bacca9b1b5" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-302", "description": "CWE-302 Authentication Bypass by Assumed-Immutable Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-14T00:00:00.000Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/google/security-research/security/advisories/GHSA-6vq3-w69p-w63m" }, { "url": "https://security.netapp.com/advisory/ntap-20230214-0005/" } ], "source": { "discovery": "INTERNAL" }, "title": "Linux Kernel LoadPin bypass via dm-verity table reload", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-2503", "datePublished": "2022-08-12T00:00:00.000Z", "dateReserved": "2022-07-21T00:00:00.000Z", "dateUpdated": "2025-04-21T13:50:47.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1012 (GCVE-0-2022-1012)
Vulnerability from cvelistv5
Published
2022-08-05 00:00
Modified
2024-08-02 23:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:47:42.922Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064604" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221020-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Linux kernel version prior to 5.18-rc6" } ] } ], "descriptions": [ { "lang": "en", "value": "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-20T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064604" }, { "url": "https://security.netapp.com/advisory/ntap-20221020-0006/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-1012", "datePublished": "2022-08-05T00:00:00", "dateReserved": "2022-03-17T00:00:00", "dateUpdated": "2024-08-02T23:47:42.922Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…