admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-02 21:00:39 +00:00
parent 49887c6f3e
commit ec8e6117c7
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
51 changed files with 5638 additions and 1508 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2017/15xxx/CVE-2017-15085.json
View File

@ -1,36 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-10-24T00:00:00",
"ID": "CVE-2017-15085",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Gluster Storage for RHEL 6",
"version": {
"version_data": [
{
"version_value": "3.3"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -45,28 +21,81 @@
"description": [
{
"lang": "eng",
"value": "CWE-300"
"value": "Channel Accessible by Non-Endpoint",
"cweId": "CWE-300"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Gluster Storage 3.3 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:4.6.3-8.el6rhs",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "101554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101554"
"url": "https://access.redhat.com/errata/RHSA-2017:3110",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:3110"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085"
"url": "http://www.securityfocus.com/bid/101554",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/101554"
},
{
"name": "RHSA-2017:3110",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3110"
"url": "https://access.redhat.com/security/cve/CVE-2017-15085",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-15085"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505787",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1505787"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
]
}

229
2017/15xxx/CVE-2017-15124.json
View File

@ -1,41 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-12-18T00:00:00",
"ID": "CVE-2017-15124",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Qemu",
"version": {
"version_data": [
{
"version_value": "2.11.0 and older"
}
]
}
}
]
},
"vendor_name": "QEMU"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host."
"value": "VNC server implementation in Quick Emulator (QEMU) was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host."
}
]
},
@ -45,53 +21,198 @@
"description": [
{
"lang": "eng",
"value": "CWE-770"
"value": "Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-156.el7",
"version_affected": "!"
},
{
"version_value": "10:2.12.0-18.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 10.0 (Newton)",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 11.0 (Ocata)",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 12.0 (Pike)",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 8.0 (Liberty)",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 9.0 (Mitaka)",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:2.10.0-21.el7",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "102295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102295"
"url": "http://www.securityfocus.com/bid/102295",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/102295"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525195",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525195"
"url": "https://access.redhat.com/errata/RHSA-2018:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:0816"
},
{
"name": "DSA-4213",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4213"
"url": "https://access.redhat.com/errata/RHSA-2018:1104",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:1104"
},
{
"name": "RHSA-2018:0816",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0816"
"url": "https://access.redhat.com/errata/RHSA-2018:1113",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:1113"
},
{
"name": "RHSA-2018:1104",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1104"
"url": "https://access.redhat.com/errata/RHSA-2018:3062",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3062"
},
{
"name": "RHSA-2018:1113",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1113"
"url": "https://access.redhat.com/security/cve/CVE-2017-15124",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-15124"
},
{
"name": "USN-3575-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3575-1/"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525195",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525195"
},
{
"name": "RHSA-2018:3062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3062"
"url": "https://usn.ubuntu.com/3575-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3575-1/"
},
{
"url": "https://www.debian.org/security/2018/dsa-4213",
"refsource": "MISC",
"name": "https://www.debian.org/security/2018/dsa-4213"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Daniel Berrange (Red Hat)."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
]
}

124
2017/15xxx/CVE-2017-15127.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-15127",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel before 4.13",
"version": {
"version_data": [
{
"version_value": "Linux kernel before 4.13"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG)."
"value": "A flaw was found in the Linux kernel when freeing pages in hugetlbfs. This could trigger a local denial of service by crashing the kernel."
}
]
},
@ -44,48 +21,95 @@
"description": [
{
"lang": "eng",
"value": "CWE-460"
"value": "Improper Cleanup on Thrown Exception",
"cweId": "CWE-460"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-862.rt56.804.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-862.el7",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995",
"url": "https://access.redhat.com/errata/RHSA-2018:0676",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995"
"name": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218",
"url": "https://access.redhat.com/errata/RHSA-2018:1062",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218"
"name": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2017-15127",
"url": "http://www.securityfocus.com/bid/102517",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2017-15127"
"name": "http://www.securityfocus.com/bid/102517"
},
{
"name": "102517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102517"
"url": "https://access.redhat.com/security/cve/CVE-2017-15127",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-15127"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525218"
},
{
"url": "https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
}

131
2017/15xxx/CVE-2017-15135.json
View File

@ -1,41 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-12-13T00:00:00",
"ID": "CVE-2017-15135",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "389-ds-base",
"version": {
"version_data": [
{
"version_value": "since 1.3.6.1 up to and including 1.4.0.3"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare and specific circumstances."
"value": "It was found that 389-ds-base did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the authentication process under very rare and specific circumstances."
}
]
},
@ -45,38 +21,103 @@
"description": [
{
"lang": "eng",
"value": "CWE-287"
"value": "Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.11.15-94.el6_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.3.6.1-28.el7_4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "102811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102811"
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628"
"url": "http://www.securityfocus.com/bid/102811",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/102811"
},
{
"name": "RHSA-2018:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0414"
"url": "https://access.redhat.com/errata/RHSA-2018:0414",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:0414"
},
{
"name": "RHSA-2018:0515",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0515"
"url": "https://access.redhat.com/errata/RHSA-2018:0515",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:0515"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1397",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00033.html"
"url": "https://access.redhat.com/security/cve/CVE-2017-15135",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-15135"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1525628"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Martin Poole (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
}

1434
2017/15xxx/CVE-2017-15137.json
View File

File diff suppressed because it is too large Load Diff

150
2017/2xxx/CVE-2017-2596.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2596",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references."
"value": "Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS."
}
]
},
@ -44,43 +21,122 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Resource after Effective Lifetime",
"cweId": "CWE-772"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-693.rt56.617.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-693.el7",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1417812",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417812"
"url": "http://www.debian.org/security/2017/dsa-3791",
"refsource": "MISC",
"name": "http://www.debian.org/security/2017/dsa-3791"
},
{
"name": "[oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/4"
"url": "https://access.redhat.com/errata/RHSA-2017:1842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "95878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95878"
"url": "https://access.redhat.com/errata/RHSA-2017:2077",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2017/01/31/4"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
"url": "http://www.securityfocus.com/bid/95878",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/95878"
},
{
"name": "DSA-3791",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3791"
"url": "https://access.redhat.com/security/cve/CVE-2017-2596",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2596"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417812",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1417812"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Dmitry Vyukov (Google Inc.) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
]
}

145
2017/2xxx/CVE-2017-2621.json
View File

@ -1,92 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2621",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openstack-heat",
"version": {
"version_data": [
{
"version_value": "openstack-heat-8.0.0"
},
{
"version_value": "openstack-heat-6.1.0"
},
{
"version_value": "openstack-heat-7.0.2"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information."
"value": "An access-control flaw was found in the OpenStack Orchestration (heat) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552"
"value": "Files or Directories Accessible to External Parties",
"cweId": "CWE-552"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenStack Platform 10.0 (Newton)",
"version": {
"version_data": [
{
"version_value": "1:7.0.2-4.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 9.0 (Mitaka)",
"version": {
"version_data": [
{
"version_value": "1:6.1.0-3.el7ost",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2621",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2621"
"url": "http://www.securityfocus.com/bid/96280",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/96280"
},
{
"name": "RHSA-2017:1243",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1243"
"url": "https://access.redhat.com/errata/RHSA-2017:1243",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:1243"
},
{
"name": "RHSA-2017:1464",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1464"
"url": "https://access.redhat.com/errata/RHSA-2017:1464",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:1464"
},
{
"name": "96280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96280"
"url": "https://access.redhat.com/security/cve/CVE-2017-2621",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2621"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420990",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1420990"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2621",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2621"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Hans Feldt (Ericsson) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
}

114
2017/2xxx/CVE-2017-2622.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2622",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openstack-mistral",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,39 +15,88 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552"
"value": "Files or Directories Accessible to External Parties",
"cweId": "CWE-552"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenStack Platform 10.0 (Newton)",
"version": {
"version_data": [
{
"version_value": "0:3.0.2-11.el7ost",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622"
"url": "https://access.redhat.com/errata/RHSA-2017:1584",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:1584"
},
{
"name": "RHSA-2017:1584",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1584"
"url": "https://access.redhat.com/security/cve/CVE-2017-2622",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2622"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420992",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1420992"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2622"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Hans Feldt (Ericsson) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
}

113
2017/2xxx/CVE-2017-2628.json
View File

@ -1,41 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-03-29T00:00:00",
"ID": "CVE-2017-2628",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "curl",
"version": {
"version_data": [
{
"version_value": "7.19.7-53"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only."
"value": "It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server."
}
]
},
@ -45,28 +21,87 @@
"description": [
{
"lang": "eng",
"value": "CWE-287"
"value": "Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:7.19.7-53.el6_9",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0847",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0847.html"
"url": "http://rhn.redhat.com/errata/RHSA-2017-0847.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2017-0847.html"
},
{
"name": "97187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97187"
"url": "http://www.securityfocus.com/bid/97187",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/97187"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464"
"url": "https://access.redhat.com/errata/RHSA-2017:0847",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:0847"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2017-2628",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2628"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1422464"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Paulo Andrade (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
]
}

207
2017/2xxx/CVE-2017-2647.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2647",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c."
"value": "A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges."
}
]
},
@ -44,63 +21,175 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-754.33.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-504.84.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-693.rt56.617.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-693.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-514.28.1.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-514.rt56.231.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2437",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2437"
"url": "https://usn.ubuntu.com/3849-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3849-1/"
},
{
"name": "RHSA-2017:2444",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2444"
"url": "https://usn.ubuntu.com/3849-2/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3849-2/"
},
{
"name": "97258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97258"
"url": "https://access.redhat.com/errata/RHSA-2017:1842",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81"
"url": "https://access.redhat.com/errata/RHSA-2017:2077",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "USN-3849-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3849-1/"
"url": "https://access.redhat.com/errata/RHSA-2017:2437",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:2437"
},
{
"name": "USN-3849-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3849-2/"
"url": "https://access.redhat.com/errata/RHSA-2017:2444",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:2444"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
"url": "http://www.securityfocus.com/bid/97258",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/97258"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1428353",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428353"
"url": "https://access.redhat.com/errata/RHSA-2020:3548",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:3548"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81"
"url": "https://access.redhat.com/errata/RHSA-2020:3836",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:3836"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2017-2647",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2647"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428353",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1428353"
},
{
"url": "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/c06cfb08b88dfbe13be44a69ae2fdc3a7c902d81"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Andrey Ryabinin (Virtuozzo) and Igor Redko (Virtuozzo) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
}

121
2017/2xxx/CVE-2017-2662.json
View File

@ -1,76 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2662",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "foreman katello plugin",
"version": {
"version_data": [
{
"version_value": "3.4.5"
}
]
}
}
]
},
"vendor_name": "The Foreman Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id."
"value": "CVE-2017-2662 foreman: Managing repositories with their id via hammer does not respect the role filters"
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.3/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862"
"value": "Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Satellite 6.9 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2.3.1.20-1.el7sat",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2662",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2662"
"url": "https://access.redhat.com/errata/RHSA-2021:1313",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:1313"
},
{
"name": "https://projects.theforeman.org/issues/18838",
"refsource": "CONFIRM",
"url": "https://projects.theforeman.org/issues/18838"
"url": "https://access.redhat.com/security/cve/CVE-2017-2662",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2017-2662"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1434106",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1434106"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2662",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2662"
},
{
"url": "https://projects.theforeman.org/issues/18838",
"refsource": "MISC",
"name": "https://projects.theforeman.org/issues/18838"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Brad Buckingham (Red Hat)."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
}

107
2021/3xxx/CVE-2021-3442.json
View File

@ -1,25 +1,75 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3442",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Externally-Controlled Format String",
"cweId": "CWE-134"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift API Management.",
"product_name": "3scale API Management",
"version": {
"version_data": [
{
"version_value": "Affects v2.9.1 GA."
"version_value": "1.14.0-4",
"version_affected": "!"
},
{
"version_value": "2.11.0-16",
"version_affected": "!"
},
{
"version_value": "1.20.0-6",
"version_affected": "!"
},
{
"version_value": "1.14.0-3",
"version_affected": "!"
},
{
"version_value": "2.11.0-9",
"version_affected": "!"
},
{
"version_value": "1.4.16-38",
"version_affected": "!"
},
{
"version_value": "1.15.0-8",
"version_affected": "!"
},
{
"version_value": "1.6.0-7",
"version_affected": "!"
}
]
}
@ -30,37 +80,46 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 - Improper Input Validation -> CWE-134 - Use of Externally-Controlled Format String"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3442",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1930083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930083"
"name": "https://access.redhat.com/security/cve/CVE-2021-3442"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3851",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3442",
"url": "https://access.redhat.com/security/cve/CVE-2021-3442"
"name": "https://access.redhat.com/errata/RHSA-2021:3851"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930083",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1930083"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Or Asaf (Red Hat Product Security) and Siddharth Sharma (Red Hat Product Security)."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
]
}

172
2021/3xxx/CVE-2021-3499.json
View File

@ -1,25 +1,139 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3499",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in OVN Kubernetes where the Egress Firewall does not reliably apply firewall rules when there is multiple dns rules. It could lead to potentially lose of confidentiality, integrity or availability of a service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "openshift/ovn-kubernetes",
"product_name": "Red Hat OpenShift Container Platform 4.7",
"version": {
"version_data": [
{
"version_value": "All ovn-kubernetes versions up to and including 0.3.0"
"version_value": "v4.7.0-202105102252.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105010012.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105101449.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105061841.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105061754.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104291920.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104292145.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105072257.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104302340.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105071917.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105060839.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105070703.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104290851.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105071232.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105091821.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105062344.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105111107.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105071334.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105111940.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105071028.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105111858.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104300003.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202104280847.p0",
"version_affected": "!"
},
{
"version_value": "v4.7.0-202105110735.p0",
"version_affected": "!"
}
]
}
@ -30,32 +144,46 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHBA-2021:1550",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1949188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949188"
"name": "https://access.redhat.com/errata/RHBA-2021:1550"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3499",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3499"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949188",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1949188"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Michael Swenson (Red Hat)."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service."
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}

108
2021/3xxx/CVE-2021-3507.json
View File

@ -1,25 +1,58 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3507",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "QEMU",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "up to 6.0.0 (including)"
"version_value": "8070020220921004438.3b9f49c4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "17:7.0.0-13.el9",
"version_affected": "!"
}
]
}
@ -30,42 +63,61 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2022:7472",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118"
"name": "https://access.redhat.com/errata/RHSA-2022:7472"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210528-0005/",
"url": "https://security.netapp.com/advisory/ntap-20210528-0005/"
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html"
"url": "https://access.redhat.com/errata/RHSA-2022:7967",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7967"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3507",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3507"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210528-0005/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20210528-0005/"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alexander Bulekov for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L",
"version": "3.1"
}
]
}

125
2021/3xxx/CVE-2021-3520.json
View File

@ -1,25 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3520",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "lz4",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "lz4-1.8.3"
"version_value": "0:1.8.3-3.el8_4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Migration Toolkit for Containers 1.4",
"version": {
"version_data": [
{
"version_value": "v1.4.6-4",
"version_affected": "!"
},
{
"version_value": "v1.4.6-5",
"version_affected": "!"
},
{
"version_value": "v1.4.6-3",
"version_affected": "!"
}
]
}
@ -30,25 +71,8 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190->CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
},
{
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
@ -65,17 +89,62 @@
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20211104-0005/",
"url": "https://security.netapp.com/advisory/ntap-20211104-0005/"
"url": "https://access.redhat.com/errata/RHBA-2021:2854",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2021:2854"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:2575",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:2575"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1345",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1345"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:5606",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:5606"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:6407",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:6407"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3520",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3520"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1954559"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211104-0005/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20211104-0005/"
}
]
},
"description": {
"description_data": [
"impact": {
"cvss": [
{
"lang": "eng",
"value": "There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
]
}

125
2021/3xxx/CVE-2021-3521.json
View File

@ -1,25 +1,69 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3521",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a \"binding signature.\"[1] RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. 1. https://tools.ietf.org/html/rfc4880#section-5.2.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Verification of Cryptographic Signature",
"cweId": "CWE-347"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "RPM",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in rpm-4.18.0-beta1, rpm-4.18.0-alpha2, rpm-4.18.0-alpha1 ."
"version_value": "0:4.14.3-19.el8_5.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:4.14.2-40.el8_2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:4.14.3-14.el8_4.2",
"version_affected": "!"
}
]
}
@ -30,52 +74,71 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347 - Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3521",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
"name": "https://access.redhat.com/security/cve/CVE-2021-3521"
},
{
"url": "https://github.com/rpm-software-management/rpm/pull/1795/",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3521",
"url": "https://access.redhat.com/security/cve/CVE-2021-3521"
"name": "https://github.com/rpm-software-management/rpm/pull/1795/"
},
{
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8",
"refsource": "MISC",
"name": "https://github.com/rpm-software-management/rpm/pull/1795/",
"url": "https://github.com/rpm-software-management/rpm/pull/1795/"
"name": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0254",
"refsource": "MISC",
"name": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8",
"url": "https://github.com/rpm-software-management/rpm/commit/bd36c5dc9fb6d90c46fbfed8c2d67516fc571ec8"
"name": "https://access.redhat.com/errata/RHSA-2022:0254"
},
{
"refsource": "GENTOO",
"name": "GLSA-202210-22",
"url": "https://security.gentoo.org/glsa/202210-22"
"url": "https://access.redhat.com/errata/RHSA-2022:0368",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0368"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0634",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0634"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1941098"
},
{
"url": "https://security.gentoo.org/glsa/202210-22",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202210-22"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Demi M. Obenour for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a \"binding signature.\" RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

156
2021/3xxx/CVE-2021-3564.json
View File

@ -1,25 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3564",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free",
"cweId": "CWE-415"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "All Linux kernel versions starting from 3.13"
"version_value": "0:3.10.0-1160.59.1.rt56.1200.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-1160.59.1.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-348.rt7.130.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-348.el8",
"version_affected": "!"
}
]
}
@ -30,57 +71,92 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-415"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20210525 CVE-2021-3564 Linux Bluetooth device initialization implementation bug",
"url": "http://www.openwall.com/lists/oss-security/2021/05/25/1"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210601 Re: CVE-2021-3564 Linux Bluetooth device initialization implementation bug",
"url": "http://www.openwall.com/lists/oss-security/2021/06/01/2"
},
{
"url": "https://www.openwall.com/lists/oss-security/2021/05/25/1",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139"
"name": "https://www.openwall.com/lists/oss-security/2021/05/25/1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2021/05/25/1",
"url": "https://www.openwall.com/lists/oss-security/2021/05/25/1"
"name": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
"url": "https://access.redhat.com/errata/RHSA-2021:4140",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4140"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4356",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4356"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/05/25/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/05/25/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/06/01/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/06/01/2"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0620",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0620"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0622",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0622"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3564",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3564"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1964139"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank HaoXiong, LinMa (ckSec) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
]
}

102
2021/3xxx/CVE-2021-3575.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3575",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in OpenJPEG. This flaw allows an attacker to execute arbitrary code with the permissions of the application compiled against OpenJPEG."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "OpenJPEG",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Afeects v2.4.0 and prior."
"version_value": "0:2.4.0-4.el8",
"version_affected": "!"
}
]
}
@ -30,52 +52,60 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FEDORA",
"name": "FEDORA-2021-c1ac2ee5ee",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-e145f477df",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/"
},
{
"url": "https://github.com/uclouvain/openjpeg/issues/1347",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1957616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957616"
"name": "https://github.com/uclouvain/openjpeg/issues/1347"
},
{
"url": "https://ubuntu.com/security/CVE-2021-3575",
"refsource": "MISC",
"name": "https://github.com/uclouvain/openjpeg/issues/1347",
"url": "https://github.com/uclouvain/openjpeg/issues/1347"
"name": "https://ubuntu.com/security/CVE-2021-3575"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4251",
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2021-3575",
"url": "https://ubuntu.com/security/CVE-2021-3575"
"name": "https://access.redhat.com/errata/RHSA-2021:4251"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3575",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3575"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957616",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1957616"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/"
}
]
},
"description": {
"description_data": [
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg."
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

185
2021/3xxx/CVE-2021-3609.json
View File

@ -1,25 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3609",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Affects kernel v2.6.25 to v5.13-rc6"
"version_value": "0:4.18.0-305.12.1.rt7.84.el8_4",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-305.12.1.el8_4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-147.54.2.el8_1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-193.64.1.rt13.115.el8_2",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-193.64.1.el8_2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.4.7-20210804.0.el8_4",
"version_affected": "!"
}
]
}
@ -30,52 +93,112 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2021/06/19/1",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1971651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971651"
"name": "https://www.openwall.com/lists/oss-security/2021/06/19/1"
},
{
"url": "https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2021/06/19/1",
"url": "https://www.openwall.com/lists/oss-security/2021/06/19/1"
"name": "https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md"
},
{
"url": "https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463",
"refsource": "MISC",
"name": "https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md",
"url": "https://github.com/nrb547/kernel-exploitation/blob/main/cve-2021-3609/cve-2021-3609.md"
"name": "https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3044",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463",
"url": "https://github.com/torvalds/linux/commit/d5f9023fa61ee8b94f37a93f08e94b136cf1e463"
"name": "https://access.redhat.com/errata/RHSA-2021:3044"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220419-0004/",
"url": "https://security.netapp.com/advisory/ntap-20220419-0004/"
"url": "https://access.redhat.com/errata/RHSA-2021:3057",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3057"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3088",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3088"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3235",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3235"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3363",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3363"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3375",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3375"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3380",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3380"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3442",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3442"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3444",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3444"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3609",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3609"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971651",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1971651"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220419-0004/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220419-0004/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "As the CAN module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\n\n# echo \"install can-bcm /bin/true\" >> /etc/modprobe.d/disable-can-bcm.conf\n\nThe system will need to be restarted if the CAN modules are loaded. In most circumstances, the CAN kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Norbert Slusarek for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

96
2021/3xxx/CVE-2021-3611.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3611",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "QEMU",
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "QEMU versions prior to 7.0.0"
"version_value": "17:7.0.0-13.el9",
"version_affected": "!"
}
]
}
@ -30,47 +52,61 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security.gentoo.org/glsa/202208-27",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784"
"name": "https://security.gentoo.org/glsa/202208-27"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7967",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/issues/542",
"url": "https://gitlab.com/qemu-project/qemu/-/issues/542"
"name": "https://access.redhat.com/errata/RHSA-2022:7967"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220624-0001/",
"url": "https://security.netapp.com/advisory/ntap-20220624-0001/"
"url": "https://access.redhat.com/security/cve/CVE-2021-3611",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3611"
},
{
"refsource": "GENTOO",
"name": "GLSA-202208-27",
"url": "https://security.gentoo.org/glsa/202208-27"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784"
},
{
"url": "https://gitlab.com/qemu-project/qemu/-/issues/542",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/issues/542"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220624-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220624-0001/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
]
}

201
2021/3xxx/CVE-2021-3620.json
View File

@ -1,25 +1,140 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3620",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Generation of Error Message Containing Sensitive Information",
"cweId": "CWE-209"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "ansible",
"product_name": "Red Hat Ansible Automation Platform 2.0 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "Fixed in Ansible Engine v2.9.27"
"version_value": "0:2.9.27-1.el8ap",
"version_affected": "!"
},
{
"version_value": "0:2.11.6-1.el8ap",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ansible Engine 2.9 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el7ae",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ansible Engine 2.9 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el8ae",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ansible Engine 2 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el7ae",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ansible Engine 2 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el8ae",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el8ae",
"version_affected": "!"
},
{
"version_value": "0:1.6.5-1.el8ev",
"version_affected": "!"
},
{
"version_value": "0:4.4.9-202111172338_8.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:1.6.5-1.el8ev",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization Engine 4.4",
"version": {
"version_data": [
{
"version_value": "0:2.9.27-1.el8ae",
"version_affected": "!"
},
{
"version_value": "0:1.6.5-1.el8ev",
"version_affected": "!"
}
]
}
@ -30,42 +145,76 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209 - Generation of Error Message Containing Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767"
"name": "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes"
},
{
"url": "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0",
"refsource": "MISC",
"name": "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes",
"url": "https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes"
"name": "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3871",
"refsource": "MISC",
"name": "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0",
"url": "https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0"
"name": "https://access.redhat.com/errata/RHSA-2021:3871"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3872",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3872"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3874",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:3874"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4703",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4703"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4750",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4750"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3620",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3620"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Dalton Rardin for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

77
2021/3xxx/CVE-2021-3639.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3639",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URL Redirection to Untrusted Site ('Open Redirect')",
"cweId": "CWE-601"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "mod_auth_mellon",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in v0.18.0"
"version_value": "0:0.14.0-12.el8.1",
"version_affected": "!"
}
]
}
@ -30,42 +52,45 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3639",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980648",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980648"
"name": "https://access.redhat.com/security/cve/CVE-2021-3639"
},
{
"url": "https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3639",
"url": "https://access.redhat.com/security/cve/CVE-2021-3639"
"name": "https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1934",
"refsource": "MISC",
"name": "https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5",
"url": "https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5"
"name": "https://access.redhat.com/errata/RHSA-2022:1934"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980648",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980648"
}
]
},
"description": {
"description_data": [
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
]
}

159
2021/3xxx/CVE-2021-3640.json
View File

@ -1,25 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3640",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Affects kernel v5.15.3 and prior, Fixed in v5.16-rc1 and above."
"version_value": "0:4.18.0-425.3.1.rt7.213.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-425.3.1.el8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "0:5.14.0-162.6.1.rt21.168.el9_1",
"version_affected": "!"
},
{
"version_value": "0:5.14.0-162.6.1.el9_1",
"version_affected": "!"
}
]
}
@ -30,72 +71,106 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), CWE-416 - Use After Free."
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ubuntu.com/security/CVE-2021-3640",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980646"
"name": "https://ubuntu.com/security/CVE-2021-3640"
},
{
"url": "https://www.openwall.com/lists/oss-security/2021/07/22/1",
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2021-3640",
"url": "https://ubuntu.com/security/CVE-2021-3640"
"name": "https://www.openwall.com/lists/oss-security/2021/07/22/1"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/bluetooth/sco.c?h=v5.16&id=99c23da0eed4fd20cae8243f2b51e10e66aa0951",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2021/07/22/1",
"url": "https://www.openwall.com/lists/oss-security/2021/07/22/1"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/bluetooth/sco.c?h=v5.16&id=99c23da0eed4fd20cae8243f2b51e10e66aa0951"
},
{
"url": "https://github.com/torvalds/linux/commit/99c23da0eed4fd20cae8243f2b51e10e66aa0951",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/bluetooth/sco.c?h=v5.16&id=99c23da0eed4fd20cae8243f2b51e10e66aa0951",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/bluetooth/sco.c?h=v5.16&id=99c23da0eed4fd20cae8243f2b51e10e66aa0951"
"name": "https://github.com/torvalds/linux/commit/99c23da0eed4fd20cae8243f2b51e10e66aa0951"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7444",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/99c23da0eed4fd20cae8243f2b51e10e66aa0951",
"url": "https://github.com/torvalds/linux/commit/99c23da0eed4fd20cae8243f2b51e10e66aa0951"
"name": "https://access.redhat.com/errata/RHSA-2022:7444"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
"url": "https://access.redhat.com/errata/RHSA-2022:7683",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7683"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
"url": "https://access.redhat.com/errata/RHSA-2022:7933",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7933"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
"url": "https://access.redhat.com/errata/RHSA-2022:8267",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:8267"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220419-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220419-0003/"
"url": "https://access.redhat.com/security/cve/CVE-2021-3640",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3640"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980646",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980646"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"url": "https://lkml.org/lkml/2021/8/28/238",
"refsource": "MISC",
"name": "https://lkml.org/lkml/2021/8/28/238"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220419-0003/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220419-0003/"
},
{
"url": "https://www.debian.org/security/2022/dsa-5096",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5096"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

82
2021/3xxx/CVE-2021-3660.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3660",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Rendered UI Layers or Frames",
"cweId": "CWE-1021"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "cockpit",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in cockpit v254 and later."
"version_value": "0:264.1-1.el8",
"version_affected": "!"
}
]
}
@ -30,42 +52,50 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1021 - Improper Restriction of Rendered UI Layers or Frames"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/cockpit-project/cockpit/issues/16122",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980688"
"name": "https://github.com/cockpit-project/cockpit/issues/16122"
},
{
"url": "https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10",
"refsource": "MISC",
"name": "https://github.com/cockpit-project/cockpit/issues/16122",
"url": "https://github.com/cockpit-project/cockpit/issues/16122"
"name": "https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:2008",
"refsource": "MISC",
"name": "https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10",
"url": "https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10"
"name": "https://access.redhat.com/errata/RHSA-2022:2008"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3660",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3660"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980688",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980688"
}
]
},
"description": {
"description_data": [
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}

132
2021/3xxx/CVE-2021-3667.json
View File

@ -1,25 +1,69 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3667",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Locking",
"cweId": "CWE-667"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "libvirt",
"product_name": "Advanced Virtualization for RHEL 8.2.1",
"version": {
"version_data": [
{
"version_value": "Fixedin - libvert v7.6.0-rc1 and above"
"version_value": "8020120210917153657.863bb0db",
"version_affected": "!"
}
]
}
},
{
"product_name": "Advanced Virtualization for RHEL 8.4.0.Z",
"version": {
"version_data": [
{
"version_value": "8040020210922084349.522a0ee4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "8050020211001230723.b4937e53",
"version_affected": "!"
}
]
}
@ -30,52 +74,76 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-667 (improper Locking)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094"
"name": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3703",
"refsource": "MISC",
"name": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"url": "https://libvirt.org/git/?p=libvirt.git;a=commit;h=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
"name": "https://access.redhat.com/errata/RHSA-2021:3703"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:3704",
"refsource": "MISC",
"name": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"url": "https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
"name": "https://access.redhat.com/errata/RHSA-2021:3704"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220331-0005/",
"url": "https://security.netapp.com/advisory/ntap-20220331-0005/"
"url": "https://access.redhat.com/errata/RHSA-2021:4191",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4191"
},
{
"refsource": "GENTOO",
"name": "GLSA-202210-06",
"url": "https://security.gentoo.org/glsa/202210-06"
"url": "https://access.redhat.com/security/cve/CVE-2021-3667",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3667"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094"
},
{
"url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87",
"refsource": "MISC",
"name": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87"
},
{
"url": "https://security.gentoo.org/glsa/202210-06",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202210-06"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220331-0005/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220331-0005/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

96
2021/3xxx/CVE-2021-3669.json
View File

@ -1,25 +1,51 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3669",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Not Known"
"version_value": "0:4.18.0-372.9.1.rt7.166.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-372.9.1.el8",
"version_affected": "!"
}
]
}
@ -30,47 +56,61 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 - Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3669",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980619"
"name": "https://access.redhat.com/security/cve/CVE-2021-3669"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3669",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3669",
"url": "https://access.redhat.com/security/cve/CVE-2021-3669"
"name": "https://security-tracker.debian.org/tracker/CVE-2021-3669"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1975",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2021-3669",
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3669"
"name": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1988",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1986473"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

191
2021/3xxx/CVE-2021-3688.json
View File

@ -1,25 +1,154 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3688",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat JBCS HTTP Server",
"product_name": "JBoss Core Services for RHEL 8",
"version": {
"version_data": [
{
"version_value": "Fixed in jbcs-httpd-2.4.37.SP10 GA"
"version_value": "0:1.6.3-107.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-84.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:7.78.0-2.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:2.4.37-78.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.3.16-9.Final_redhat_2.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.15.7-21.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.2.48-20.redhat_1.el8jbcs",
"version_affected": "!"
},
{
"version_value": "1:2.0.8-40.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:2.9.2-67.GA.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.39.2-39.el8jbcs",
"version_affected": "!"
},
{
"version_value": "1:1.1.1g-8.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-7.el8jbcs",
"version_affected": "!"
},
{
"version_value": "0:0.4.10-22.el8jbcs",
"version_affected": "!"
}
]
}
},
{
"product_name": "JBoss Core Services on RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:1.6.3-107.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.6.1-84.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:7.78.0-2.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:2.4.37-78.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.3.16-9.Final_redhat_2.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.15.7-21.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.2.48-20.redhat_1.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "1:2.0.8-40.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:2.9.2-67.GA.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.39.2-39.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "1:1.1.1g-8.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-7.jbcs.el7",
"version_affected": "!"
},
{
"version_value": "0:0.4.10-22.jbcs.el7",
"version_affected": "!"
}
]
}
@ -30,37 +159,51 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3688",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
"name": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4613",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3688",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
"name": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"url": "https://access.redhat.com/errata/RHSA-2021:4614",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n<LocationMatch \".*\\.\\.;.*\">\n Require all denied\n</LocationMatch>\n~~~"
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity."
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}

127
2021/3xxx/CVE-2021-3743.json
View File

@ -1,25 +1,51 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3743",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Affects linux kernel v5.14.0-rc6 and above."
"version_value": "0:4.18.0-372.9.1.rt7.166.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-372.9.1.el8",
"version_affected": "!"
}
]
}
@ -30,49 +56,32 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 - Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lists.openwall.net/netdev/2021/08/17/124",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
"name": "https://lists.openwall.net/netdev/2021/08/17/124"
},
{
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2",
"refsource": "MISC",
"name": "https://lists.openwall.net/netdev/2021/08/17/124",
"url": "https://lists.openwall.net/netdev/2021/08/17/124"
"name": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2021/08/27/2",
"url": "https://www.openwall.com/lists/oss-security/2021/08/27/2"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117",
"url": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
"name": "https://github.com/torvalds/linux/commit/7e78c597c3ebfd0cb329aa09a838734147e4f117"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
@ -80,17 +89,59 @@
"name": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220407-0007/",
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/"
"url": "https://access.redhat.com/errata/RHSA-2022:1975",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1988",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3743",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3743"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1997961"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220407-0007/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220407-0007/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Active Defense Lab (Venustech) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

167
2021/3xxx/CVE-2021-3744.json
View File

@ -1,25 +1,51 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3744",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel. A memory leak in the ccp-ops crypto driver can allow attackers to cause a denial of service. This vulnerability is similar with the older CVE-2019-18808. The highest threat from this vulnerability is to system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in v5.15-rc4 and above."
"version_value": "0:4.18.0-372.9.1.rt7.166.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-372.9.1.el8",
"version_affected": "!"
}
]
}
@ -30,82 +56,101 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-401"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20210914 Disclosure: CVE-2021-3744: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()",
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-79cbbefebe",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-ffda3d6fa1",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-9dd76a1ed0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"url": "https://seclists.org/oss-sec/2021/q3/164",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
"name": "https://seclists.org/oss-sec/2021/q3/164"
},
{
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0",
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2021/q3/164",
"url": "https://seclists.org/oss-sec/2021/q3/164"
"name": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680",
"refsource": "MISC",
"name": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0",
"url": "https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680",
"url": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
"name": "https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1975",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1988",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"url": "https://www.debian.org/security/2022/dsa-5096",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5096"
},
{
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2021/09/14/1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3744",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3744"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2000627"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

106
2021/3xxx/CVE-2021-3750.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3750",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "QEMU",
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "QEMU before version 7.0.0"
"version_value": "17:7.0.0-13.el9",
"version_affected": "!"
}
]
}
@ -30,52 +52,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/qemu-project/qemu/-/issues/541",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073"
"name": "https://gitlab.com/qemu-project/qemu/-/issues/541"
},
{
"url": "https://gitlab.com/qemu-project/qemu/-/issues/556",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/issues/541",
"url": "https://gitlab.com/qemu-project/qemu/-/issues/541"
"name": "https://gitlab.com/qemu-project/qemu/-/issues/556"
},
{
"url": "https://security.gentoo.org/glsa/202208-27",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/issues/556",
"url": "https://gitlab.com/qemu-project/qemu/-/issues/556"
"name": "https://security.gentoo.org/glsa/202208-27"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220624-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220624-0003/"
"url": "https://access.redhat.com/errata/RHSA-2022:7967",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7967"
},
{
"refsource": "GENTOO",
"name": "GLSA-202208-27",
"url": "https://security.gentoo.org/glsa/202208-27"
"url": "https://access.redhat.com/security/cve/CVE-2021-3750",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3750"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220624-0003/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220624-0003/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alexander Bulekov, Gaoning Pan (Zhejiang University), Haoran Qin (Sangfor), Qiuhao Li, Xiao Wei, Xingwei Lin (Ant Security Light-Year Lab), and Zhiniang Peng (Sangfor) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

133
2021/3xxx/CVE-2021-3772.json
View File

@ -1,25 +1,51 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3772",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Integrity Check Value",
"cweId": "CWE-354"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in linux kernel v5.15 and above"
"version_value": "0:4.18.0-372.9.1.rt7.166.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-372.9.1.el8",
"version_affected": "!"
}
]
}
@ -30,49 +56,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-354 - Improper Validation of Integrity Check Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ubuntu.com/security/CVE-2021-3772",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
"name": "https://ubuntu.com/security/CVE-2021-3772"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df",
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2021-3772",
"url": "https://ubuntu.com/security/CVE-2021-3772"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df",
"url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5096",
"url": "https://www.debian.org/security/2022/dsa-5096"
"name": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
@ -80,17 +79,63 @@
"name": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20221007-0001/",
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/"
"url": "https://access.redhat.com/errata/RHSA-2022:1975",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1988",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"
},
{
"url": "https://www.debian.org/security/2022/dsa-5096",
"refsource": "MISC",
"name": "https://www.debian.org/security/2022/dsa-5096"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3772",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3772"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221007-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20221007-0001/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "As the SCTP module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\nif\n# echo \"install sctp /bin/true\" >> /etc/modprobe.d/disable-sctp.conf\n\nThe system will need to be restarted if the SCTP modules are loaded. In most circumstances, the SCTP kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses."
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

87
2021/3xxx/CVE-2021-3798.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3798",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "opencryptoki",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in v3.17.0"
"version_value": "0:3.15.1-6.el8_4",
"version_affected": "!"
}
]
}
@ -30,47 +52,56 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3798",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990591"
"name": "https://access.redhat.com/security/cve/CVE-2021-3798"
},
{
"url": "https://github.com/opencryptoki/opencryptoki/pull/402",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3798",
"url": "https://access.redhat.com/security/cve/CVE-2021-3798"
"name": "https://github.com/opencryptoki/opencryptoki/pull/402"
},
{
"url": "https://github.com/opencryptoki/opencryptoki/commit/4e3b43c3d8844402c04a66b55c6c940f965109f0",
"refsource": "MISC",
"name": "https://github.com/opencryptoki/opencryptoki/pull/402",
"url": "https://github.com/opencryptoki/opencryptoki/pull/402"
"name": "https://github.com/opencryptoki/opencryptoki/commit/4e3b43c3d8844402c04a66b55c6c940f965109f0"
},
{
"url": "https://access.redhat.com/errata/RHBA-2021:3054",
"refsource": "MISC",
"name": "https://github.com/opencryptoki/opencryptoki/commit/4e3b43c3d8844402c04a66b55c6c940f965109f0",
"url": "https://github.com/opencryptoki/opencryptoki/commit/4e3b43c3d8844402c04a66b55c6c940f965109f0"
"name": "https://access.redhat.com/errata/RHBA-2021:3054"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990591",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1990591"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

113
2021/3xxx/CVE-2021-3979.json
View File

@ -1,25 +1,58 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3979",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of a Cryptographic Primitive with a Risky Implementation",
"cweId": "CWE-1240"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "ceph",
"product_name": "Red Hat Ceph Storage 4.3",
"version": {
"version_data": [
{
"version_value": "Not-Known"
"version_value": "2:14.2.22-110.el8cp",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ceph Storage 5.1",
"version": {
"version_data": [
{
"version_value": "2:16.2.7-98.el8cp",
"version_affected": "!"
}
]
}
@ -30,57 +63,71 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327 - Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3979",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024788"
"name": "https://access.redhat.com/security/cve/CVE-2021-3979"
},
{
"url": "https://tracker.ceph.com/issues/54006",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3979",
"url": "https://access.redhat.com/security/cve/CVE-2021-3979"
"name": "https://tracker.ceph.com/issues/54006"
},
{
"url": "https://github.com/ceph/ceph/pull/44765",
"refsource": "MISC",
"name": "https://tracker.ceph.com/issues/54006",
"url": "https://tracker.ceph.com/issues/54006"
"name": "https://github.com/ceph/ceph/pull/44765"
},
{
"url": "https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656",
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/pull/44765",
"url": "https://github.com/ceph/ceph/pull/44765"
"name": "https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1716",
"refsource": "MISC",
"name": "https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656",
"url": "https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656"
"name": "https://access.redhat.com/errata/RHSA-2022:1716"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-d832fd2f45",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/"
"url": "https://access.redhat.com/errata/RHSA-2022:1174",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:1174"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024788",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024788"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Mark Kirkwood (Catalyst Cloud) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}

96
2021/3xxx/CVE-2021-3981.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3981",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Default Permissions",
"cweId": "CWE-276"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "grub2",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "grub2 2.06 and previous versions"
"version_value": "1:2.02-123.el8",
"version_affected": "!"
}
]
}
@ -30,42 +52,56 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FEDORA",
"name": "FEDORA-2021-73d63662b0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AI776L35DDYPCSAAJPJM3ZEQYSFZHBJX/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:2110",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024170"
"name": "https://access.redhat.com/errata/RHSA-2022:2110"
},
{
"refsource": "GENTOO",
"name": "GLSA-202209-12",
"url": "https://security.gentoo.org/glsa/202209-12"
"url": "https://access.redhat.com/security/cve/CVE-2021-3981",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3981"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024170",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024170"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AI776L35DDYPCSAAJPJM3ZEQYSFZHBJX/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AI776L35DDYPCSAAJPJM3ZEQYSFZHBJX/"
},
{
"url": "https://security.gentoo.org/glsa/202209-12",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-12"
}
]
},
"description": {
"description_data": [
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Fabian Vogt (Suse) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

113
2021/3xxx/CVE-2021-3999.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3999",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Off-by-one Error",
"cweId": "CWE-193"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "glibc",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Fixed in glibc v2.31 and above."
"version_value": "0:2.28-164.el8_5.3",
"version_affected": "!"
}
]
}
@ -30,67 +52,82 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-193 - Off-by-one Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2022/01/24/4",
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
"name": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3999",
"refsource": "MISC",
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
"name": "https://access.redhat.com/security/cve/CVE-2021-3999"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
"name": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0896",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3999",
"url": "https://access.redhat.com/security/cve/CVE-2021-3999"
"name": "https://access.redhat.com/errata/RHSA-2022:0896"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2021-3999",
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20221104-0001/",
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/"
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20221104-0001/"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e",
"refsource": "MISC",
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

352
2021/4xxx/CVE-2021-4034.json
View File

@ -1,25 +1,212 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4034",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "CVE-2021-4034 polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "polkit",
"product_name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
"version": {
"version_data": [
{
"version_value": "all"
"version_value": "0:0.96-11.el6_10.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.112-26.el7_9.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-12.el7_3.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-12.el7_4.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:0.115-13.el8_5.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.115-9.el8_1.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.115-11.el8_2.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.115-11.el8_4.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.3.21-20220126.0.el7_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.4.10-202202081536_8.5",
"version_affected": "!"
}
]
}
@ -30,39 +217,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "(CWE-787|CWE-125)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"refsource": "MISC",
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
"name": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"refsource": "MISC",
"name": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"refsource": "MISC",
"name": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
"name": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
@ -70,37 +235,134 @@
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
"name": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"
},
{
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
"name": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"
},
{
"url": "https://www.suse.com/support/kb/doc/?id=000020564",
"refsource": "MISC",
"name": "https://www.suse.com/support/kb/doc/?id=000020564",
"url": "https://www.suse.com/support/kb/doc/?id=000020564"
"name": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
"url": "https://access.redhat.com/errata/RHSA-2022:0265",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0266",
"refsource": "MISC",
"name": "https://www.starwindsoftware.com/security/sw-20220818-0001/",
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
"name": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0267",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0268",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0269",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0270",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0271",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0272",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0273",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0274",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0443",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4034",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"refsource": "MISC",
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/",
"refsource": "MISC",
"name": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "For customers who cannot update immediately and doesn't have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn't work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel's keyring."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

74
2021/4xxx/CVE-2021-4047.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4047",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue was only affects OpenShift 4.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "OpenShift",
"product_name": "Red Hat OpenShift Container Platform 4.9",
"version": {
"version_data": [
{
"version_value": "OpenShift 4.9"
"version_value": "0:2.2.15-3.el8",
"version_affected": "!"
}
]
}
@ -30,32 +52,40 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2021:5002",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2027881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027881"
"name": "https://access.redhat.com/errata/RHSA-2021:5002"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4047",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4047"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027881",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2027881"
}
]
},
"description": {
"description_data": [
"impact": {
"cvss": [
{
"lang": "eng",
"value": "The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

106
2021/4xxx/CVE-2021-4112.json
View File

@ -1,25 +1,58 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4112",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Files or Directories Accessible to External Parties",
"cweId": "CWE-552"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "ansible-tower",
"product_name": "Red Hat Ansible Automation Platform 2.0 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "Fixed in ansible-tower 3.8.5"
"version_value": "0:2.0.3-3.el8ap",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Ansible Automation Platform 2.1 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "0:2.1.1-2.el8ap",
"version_affected": "!"
}
]
}
@ -30,37 +63,62 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552 - Files or Directories Accessible to External Parties"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4112",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2028121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028121"
"name": "https://access.redhat.com/security/cve/CVE-2021-4112"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0460",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4112",
"url": "https://access.redhat.com/security/cve/CVE-2021-4112"
"name": "https://access.redhat.com/errata/RHSA-2022:0460"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0474",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0474"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0482",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0482"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028121",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2028121"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Red Hat has investigated whether possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Matei Mal Badanoiu (Deloitte Romania) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

124
2021/4xxx/CVE-2021-4142.json
View File

@ -1,25 +1,69 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4142",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "candlepin",
"product_name": "Red Hat Satellite 6.10 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "Affects v3.1.28-2, v3.2.21-1, v4.1.8-1 and earlier are affected."
"version_value": "0:4.0.15-1.el7sat",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Satellite 6.11 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:6.11.0-2.el7sat",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Satellite 6.11 for RHEL 8",
"version": {
"version_data": [
{
"version_value": "0:6.11.0-2.el8sat",
"version_affected": "!"
}
]
}
@ -30,52 +74,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 - Authorization Bypass Through User-Controlled Key -> CWE-287 - Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4142",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034346"
"name": "https://access.redhat.com/security/cve/CVE-2021-4142"
},
{
"url": "https://github.com/candlepin/candlepin/pull/3199",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4142",
"url": "https://access.redhat.com/security/cve/CVE-2021-4142"
"name": "https://github.com/candlepin/candlepin/pull/3199"
},
{
"url": "https://github.com/candlepin/candlepin/pull/3197",
"refsource": "MISC",
"name": "https://github.com/candlepin/candlepin/pull/3199",
"url": "https://github.com/candlepin/candlepin/pull/3199"
"name": "https://github.com/candlepin/candlepin/pull/3197"
},
{
"url": "https://github.com/candlepin/candlepin/pull/3198",
"refsource": "MISC",
"name": "https://github.com/candlepin/candlepin/pull/3197",
"url": "https://github.com/candlepin/candlepin/pull/3197"
"name": "https://github.com/candlepin/candlepin/pull/3198"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0790",
"refsource": "MISC",
"name": "https://github.com/candlepin/candlepin/pull/3198",
"url": "https://github.com/candlepin/candlepin/pull/3198"
"name": "https://access.redhat.com/errata/RHSA-2022:0790"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:5498",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:5498"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034346",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2034346"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is not available because it doesn't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"credits": [
{
"lang": "en",
"value": " Upstream acknowledges Barnaby Court and Nikolaos Moumoulidis as the original reporters."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "The Candlepin component of Red Hat Satellite was affected by an improper authentication flaw. Few factors could allow an attacker to use the SCA (simple content access) certificate for authentication with Candlepin."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

107
2021/4xxx/CVE-2021-4158.json
View File

@ -1,25 +1,58 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4158",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "QEMU",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Affects v6.0.0 and above."
"version_value": "8060020220408104655.d63f516d",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "17:7.0.0-13.el9",
"version_affected": "!"
}
]
}
@ -30,52 +63,66 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 - NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gitlab.com/qemu-project/qemu/-/issues/770",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/issues/770",
"url": "https://gitlab.com/qemu-project/qemu/-/issues/770"
"name": "https://gitlab.com/qemu-project/qemu/-/issues/770"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4158",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2035002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035002"
"name": "https://access.redhat.com/security/cve/CVE-2021-4158"
},
{
"url": "https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4158",
"url": "https://access.redhat.com/security/cve/CVE-2021-4158"
"name": "https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:1759",
"refsource": "MISC",
"name": "https://www.mail-archive.com/qemu-devel@nongnu.org/msg857944.html",
"url": "https://www.mail-archive.com/qemu-devel@nongnu.org/msg857944.html"
"name": "https://access.redhat.com/errata/RHSA-2022:1759"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7967",
"refsource": "MISC",
"name": "https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e",
"url": "https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e"
"name": "https://access.redhat.com/errata/RHSA-2022:7967"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035002",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2035002"
},
{
"url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html",
"refsource": "MISC",
"name": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}

123
2022/0xxx/CVE-2022-0168.json
View File

@ -1,25 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0168",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service (DOS) issue was found in the Linux kernel\u2019s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "Affects v5.4\u20135.12, v5.13-rc+HEAD"
"version_value": "0:4.18.0-425.3.1.rt7.213.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-425.3.1.el8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "0:5.14.0-162.6.1.rt21.168.el9_1",
"version_affected": "!"
},
{
"version_value": "0:5.14.0-162.6.1.el9_1",
"version_affected": "!"
}
]
}
@ -30,42 +71,72 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 - NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2022-0168",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037386"
"name": "https://access.redhat.com/security/cve/CVE-2022-0168"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0168",
"url": "https://access.redhat.com/security/cve/CVE-2022-0168"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7444",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880"
"name": "https://access.redhat.com/errata/RHSA-2022:7444"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7683",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7683"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:7933",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:7933"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:8267",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:8267"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2037386"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Billy Jheng Bing Jhong (STAR Labs) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A denial of service (DOS) issue was found in the Linux kernel\u2019s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

169
2022/0xxx/CVE-2022-0185.json
View File

@ -1,25 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-0185",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "kernel",
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "8.4"
"version_value": "0:4.18.0-348.12.2.rt7.143.el8_5",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-348.12.2.el8_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-305.34.2.rt7.107.el8_4",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-305.34.2.el8_4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.4.10-202202081536_8.5",
"version_affected": "!"
}
]
}
@ -30,52 +82,107 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2"
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2"
},
{
"url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"refsource": "MISC",
"name": "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"url": "https://github.com/Crusaders-of-Rust/CVE-2022-0185"
"name": "https://github.com/Crusaders-of-Rust/CVE-2022-0185"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"url": "https://www.openwall.com/lists/oss-security/2022/01/18/7"
"name": "https://www.openwall.com/lists/oss-security/2022/01/18/7"
},
{
"url": "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"refsource": "MISC",
"name": "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"url": "https://www.willsroot.io/2022/01/cve-2022-0185.html"
"name": "https://www.willsroot.io/2022/01/cve-2022-0185.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20220225-0003/",
"url": "https://security.netapp.com/advisory/ntap-20220225-0003/"
"url": "https://access.redhat.com/errata/RHSA-2022:0540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0176",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0176"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0186",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0186"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0187",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0187"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0188",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0188"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0231",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0231"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0232",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0232"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-0185",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-0185"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2040358"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220225-0003/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20220225-0003/"
}
]
},
"description": {
"description_data": [
"work_around": [
{
"lang": "en",
"value": "On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" > /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Alec Petridis (alecthechop@gmail.com), Hrvoje Mi\u0161eti\u0107 (misetichrvoje@gmail.com), Isaac Badipe (isaac.badipe@gmail.com), Jamie Hill-Daniel (jamie@hill-daniel.co.uk), Philip Papurt (g@gnk.io), and William Liu (willsroot@protonmail.com) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system."
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

18
2023/25xxx/CVE-2023-25116.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25116",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25117.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25117",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25118.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25118",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25119.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25119",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25120.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25120",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25121.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25121",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25122.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25122",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25123.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25123",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/25xxx/CVE-2023-25124.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25124",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}