admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-12T14:00:29.248440+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-12 14:03:30 +00:00
parent dc6fc87062
commit d1249b1afa
156 changed files with 5807 additions and 533 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
CVE-2021/CVE-2021-225xx/CVE-2021-22503.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-22503",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.203",
"lastModified": "2024-09-12T13:15:08.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible \nImproper Neutralization of Input During Web Page Generation Vulnerability\n\nin eDirectory has been discovered in\nOpenText\u2122 eDirectory 9.2.3.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory924_releasenotes/data/edirectory924_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-225xx/CVE-2021-22518.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-22518",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.553",
"lastModified": "2024-09-12T13:15:08.553",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability identified in OpenText\u2122 \nIdentity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/identity-manager-48-drivers/AzureADDriver514/data/AzureADDriver514.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-225xx/CVE-2021-22532.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-22532",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:08.837",
"lastModified": "2024-09-12T13:15:08.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible\u00a0NLDAP Denial of Service attack Vulnerability\n\nin eDirectory has been discovered in\nOpenText\u2122 \neDirectory before 9.2.4.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory925_releasenotes/data/edirectory925_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-225xx/CVE-2021-22533.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-22533",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:09.137",
"lastModified": "2024-09-12T13:15:09.137",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible Insertion of Sensitive Information into Log File Vulnerability\n\nin eDirectory has been discovered in\nOpenText\u2122 eDirectory 9.2.4.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory925_releasenotes/data/edirectory925_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-381xx/CVE-2021-38131.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-38131",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:09.700",
"lastModified": "2024-09-12T13:15:09.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible Cross-Site Scripting (XSS) Vulnerability\n\nin eDirectory has been discovered in\nOpenText\u2122 eDirectory 9.2.5.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-381xx/CVE-2021-38132.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-38132",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.050",
"lastModified": "2024-09-12T13:15:10.050",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible \nExternal Service Interaction attack\n\nin eDirectory has been discovered in\nOpenText\u2122 eDirectory. This impact all version before\u00a09.2.6.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2021/CVE-2021-381xx/CVE-2021-38133.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-38133",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.327",
"lastModified": "2024-09-12T13:15:10.327",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible \nExternal Service Interaction attack\n\nin eDirectory has been discovered in\nOpenText\u2122 eDirectory. This impact all version before\u00a09.2.6.0000."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-521"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html",
"source": "security@opentext.com"
}
]
}

56
CVE-2022/CVE-2022-263xx/CVE-2022-26322.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-26322",
"sourceIdentifier": "security@opentext.com",
"published": "2024-09-12T13:15:10.620",
"lastModified": "2024-09-12T13:15:10.620",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Possible Insertion of Sensitive Information into Log File Vulnerability\n\nin Identity Manager has been discovered in\nOpenText\u2122 \nIdentity Manager REST Driver. This impact version before 1.1.2.0200."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"references": [
{
"url": "https://www.netiq.com/documentation/identity-manager-48-drivers/RESTDriver1.1.2.0300_readme/data/RESTDriver1.1.2.0300_readme.html",
"source": "security@opentext.com"
}
]
}

34
CVE-2022/CVE-2022-270xx/CVE-2022-27003.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27003",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-15T22:15:15.320",
"lastModified": "2023-08-08T14:22:24.967",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:03.300",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

34
CVE-2022/CVE-2022-270xx/CVE-2022-27004.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27004",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-15T22:15:15.373",
"lastModified": "2023-08-08T14:22:24.967",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:10.583",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

34
CVE-2022/CVE-2022-270xx/CVE-2022-27005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27005",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-03-15T22:15:15.423",
"lastModified": "2023-08-08T14:22:24.967",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:11.427",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

8
CVE-2022/CVE-2022-487xx/CVE-2022-48733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48733",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-20T12:15:11.700",
"lastModified": "2024-08-19T17:39:17.383",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:46.847",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -84,6 +84,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e4c72dbaf62f8978af8321a24dbd35566d3a78a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9372fa1d73da5f1673921e365d0cd2c27ec7adc2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

122
CVE-2022/CVE-2022-489xx/CVE-2022-48903.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48903",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:04.897",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:58:48.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,119 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: corrige el fallo de reubicaci\u00f3n debido al retorno prematuro de btrfs_commit_transaction() Estamos viendo fallos similares al siguiente rastro: [38.969182] ADVERTENCIA: CPU: 20 PID: 2105 en fs/btrfs /relocation.c:4070 btrfs_relocate_block_group + 0x2dc/0x340 [btrfs] [38.973556] cpu: 20 pid: 2105 coms: btrfs no tinted 5.17.0-rc4 #54 [38.974580] nombre de hardware: qtrfs no tinteded 5.17.0-rc4 #54 [38.974580] Nombre de hardware: QTRFS no est\u00e1 Tainted 5.17.0-rc4 #54 [38.974580] Nombre de hardware: QTRFS no Tainted 5.17.0-rc4 #54 [38.974580] Nombre de hardware: QTRFS no Tainted 5.17.0-rc4 #54 [38.974580] Nombre de hardware: QTRFS no Tainted 5.17. ), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 01/04/2014 [38.976539] RIP: 0010:btrfs_relocate_block_group+0x2dc/0x340 [btrfs] [38.980336] RSP: 42e03c20 EFLAGS: 00010206 [ 38.981218] RAX: ffff96cfc4ede800 RBX: ffff96cfc3ce0000 RCX: 000000000002ca14 [38.982560] RDX: 00000000000000000 RSI: 4cfd109a0bcb5d7f RDI: 3ce0360 [38.983619] RBP: ffff96cfc309c000 R08: 0000000000000000 R09: 0000000000000000 [38.984678] R10: ffff96cec0000001 R11: 12: ffff96cfc4ede800 [38.985735] R13: 0000000000000000 R14: 0000000000000000 R15: ffff96cfc3ce0360 [38.987146] FS: 00007f11c15218c0(0000) GS:ffff96d6dfb00000(0000) 0000000000000000 [38.988662] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [38.989398] CR2: 00007ffc922c8e60 CR3: 00000001147a6001 CR4: 0000000000370ee0 [38.990279] DR0: 0000000000000000 DR1: 00000000000000000 DR2: 00000000000000000 [38.991219] DR3: 000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [38.992528] Seguimiento de llamadas: [38.992854] [38.993148] btrfs_relocate_chunk+0x27/0xe0 [btrfs ] [38.993941] btrfs_balance+0x78e/0xea0 [btrfs] [38.994801] ? vsnprintf+0x33c/0x520 [38.995368] ? __kmalloc_track_caller+0x351/0x440 [38.996198] btrfs_ioctl_balance+0x2b9/0x3a0 [btrfs] [38.997084] btrfs_ioctl+0x11b0/0x2da0 [btrfs] [38.997867] ? mod_objcg_state+0xee/0x340 [38.998552] ? seq_release+0x24/0x30 [38.999184] ? proc_nr_files+0x30/0x30 [38.999654] ? call_rcu+0xc8/0x2f0 [39.000228] ? __x64_sys_ioctl+0x84/0xc0 [39.000872] ? btrfs_ioctl_get_supported_features+0x30/0x30 [btrfs] [39.001973] __x64_sys_ioctl+0x84/0xc0 [39.002566] do_syscall_64+0x3a/0x80 [39.003011] Entry_SYSCALL_64_after_hwframe+ 0x44/0xae [39.003735] RIP: 0033:0x7f11c166959b [39.007324] RSP: 002b:00007fff2543e998 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [39.008521] RAX: ffffffffffffffda RBX: 00007f11c1521698 RCX: 00007f11c166959b [39.009833] RDX: 00007fff2543 ea40 RSI: 00000000c4009420 RDI: 00000000000000003 [39.011270] RBP: 0000000000000003 R08: 00000000000000013 R09: 00007f11c16f94e0 [39.0125 81] R10: 0000000000000000 R11: 0000000000000246 R12 : 00007fff25440df3 [39.014046] R13: 00000000000000000 R14: 00007fff2543ea40 R15: 0000000000000001 [39.015040] [39.015418] ---[ final de seguimiento 0 000000000000000 ]--- [43.131559] ------------ [cortar aqu\u00ed]------------ [43.132234] \u00a1ERROR del kernel en fs/btrfs/extent-tree.c:2717! [43.133031] c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP PTI [43.133702] CPU: 1 PID: 1839 Comm: btrfs Tainted: GW 5.17.0-rc4 #54 [43.134863] Nombre de hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 01/04/2014 [43.136426] RIP: 0010:unpin_extent_range+0x37a/0x4f0 [btrfs] [43.139913] RSP: 216bc70 EFLAGS: 00010246 [43.140629] RAX: 0000000000000000 RBX: ffff96cfc34490f8 RCX: 0000000000000001 [43.141604] RDX: 0000000080000001 RSI: 0000000051d00000 : 00000000ffffffff [43.142645] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff96cfd07dca50 [43.143669] R10: ffff96cfc46e8a00 R11: 00 R12: 0000000041d00000 [43.144657 ] R13: ffff96cfc3ce0000 R14: ffffb0dd4216bd08 R15: 0000000000000000 [43.145686] FS: 00007f7657dd68c0(0000) GS:ffff96d6df640000(0000) 00000000000000 [43.146808] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [43.147584] CR2: 00007f7fe81bf5b0 CR3 : 00000001093ee004 CR4: 0000000000370ee0 [43.148589] ---truncado---"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/5fd76bf31ccfecc06e2e6b29f8c809e934085b99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/725a6ac389b182261af174176e561a36b0f39ffc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/a4378947ae39f08c6ae4c6a87ccdebc981a7bbcb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "0124F44D-3165-4025-A6AD-1C47145E6B2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5fd76bf31ccfecc06e2e6b29f8c809e934085b99",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/725a6ac389b182261af174176e561a36b0f39ffc",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a4378947ae39f08c6ae4c6a87ccdebc981a7bbcb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2022/CVE-2022-489xx/CVE-2022-48904.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48904",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:04.980",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:55:34.123",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,119 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: iommu/amd: corrige la p\u00e9rdida de memoria de la tabla de p\u00e1ginas de E/S. La l\u00f3gica actual actualiza el modo de tabla de p\u00e1ginas de E/S para el dominio antes de llamar a la l\u00f3gica para liberar la memoria utilizada para la tabla de p\u00e1ginas. Esto da como resultado una p\u00e9rdida de memoria en la tabla de p\u00e1ginas de IOMMU y se puede observar al iniciar VM con dispositivos de paso. Se soluciona liberando la memoria utilizada para la tabla de p\u00e1ginas antes de actualizar el modo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/378e2fe1eb58d5c2ed55c8fe5e11f9db5033cdd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/6b0b2d9a6a308bcd9300c2d83000a82812c56cea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/c78627f757e37c2cf386b59c700c4e1574988597",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "0124F44D-3165-4025-A6AD-1C47145E6B2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/378e2fe1eb58d5c2ed55c8fe5e11f9db5033cdd6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6b0b2d9a6a308bcd9300c2d83000a82812c56cea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c78627f757e37c2cf386b59c700c4e1574988597",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

174
CVE-2022/CVE-2022-489xx/CVE-2022-48905.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48905",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.050",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:44:45.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,161 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ibmvnic: elemento de trabajo de reinicio gratuito al vaciar Se corrige una peque\u00f1a p\u00e9rdida de memoria al vaciar la cola de trabajo de reinicio."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/39738a2346b270e8f72f88d8856de2c167bd2899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/4c26745e4576cec224092e6cc12e37829333b183",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/58b07100c20e95c78b8cb4d6d28ca53eb9ef81f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/6acbc8875282d3ca8a73fa93cd7a9b166de5019c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/786576c03b313a9ff6585458aa0dfd039d897f51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/8d0657f39f487d904fca713e0bc39c2707382553",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.18",
"versionEndExcluding": "4.19.233",
"matchCriteriaId": "94F03986-C560-4F93-9BAB-D48C438A6B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.183",
"matchCriteriaId": "76A7616E-E6B9-4A7F-AA7C-1D47F774215F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "764998FC-D1F7-4BAA-BD56-A553C7AB8F08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/39738a2346b270e8f72f88d8856de2c167bd2899",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4c26745e4576cec224092e6cc12e37829333b183",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/58b07100c20e95c78b8cb4d6d28ca53eb9ef81f2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6acbc8875282d3ca8a73fa93cd7a9b166de5019c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/786576c03b313a9ff6585458aa0dfd039d897f51",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8d0657f39f487d904fca713e0bc39c2707382553",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

129
CVE-2022/CVE-2022-489xx/CVE-2022-48906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48906",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.120",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:41:56.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,126 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: establece correctamente el tiempo de espera de DATA_FIN cuando el n\u00famero de retransmisiones es grande Syzkaller con UBSAN descubri\u00f3 un escenario en el que una gran cantidad de retransmisiones de DATA_FIN provocaban un desplazamiento fuera de los l\u00edmites en el tiempo de espera de DATA_FIN c\u00e1lculo: =================================================== ================================ UBSAN: desplazamiento fuera de los l\u00edmites en net/mptcp/protocol.c: El exponente de desplazamiento 470:29 32 es demasiado grande para el tipo 'unsigned int' de 32 bits CPU: 1 PID: 13059 Comm: kworker/1:0 Not tainted 5.17.0-rc2-00630-g5fbf21c90c60 #1 Nombre de hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 01/04/2014 Cola de trabajo: eventos mptcp_worker Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xcd/0x134 lib/dump_stack .c:106 ubsan_epilogue+0xb/0x5a lib/ubsan.c:151 __ubsan_handle_shift_out_of_bounds.cold+0xb2/0x20e lib/ubsan.c:330 mptcp_set_datafin_timeout net/mptcp/protocol.c:470 __mptcp_retrans.cold+0x7 2/0x77 net/mptcp/protocol.c:2445 mptcp_worker+0x58a/0xa70 net/mptcp/protocol.c:2528 Process_one_work+0x9df/0x16d0 kernel/workqueue.c:2307 trabajador_thread+0x95/0xe10 kernel/workqueue.c:2454 kthread+0x2f4 /0x3b0 kernel/kthread.c:377 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 ====================== ==================================================== ========= Este cambio limita el tiempo de espera m\u00e1ximo al limitar el tama\u00f1o del turno, lo que mantiene todos los valores intermedios dentro de los l\u00edmites."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/03ae283bd71f761feae3f402668d698b393b0e79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/0c3f34beb459753f9f80d0cc14c1b50ab615c631",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/877d11f0332cd2160e19e3313e262754c321fa36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.4",
"versionEndExcluding": "5.13",
"matchCriteriaId": "962DCAA0-5F0D-4E2B-9CC7-53800AB2E504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "30FF1CEF-6370-4679-8AB5-D39C2D09A3D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/03ae283bd71f761feae3f402668d698b393b0e79",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0c3f34beb459753f9f80d0cc14c1b50ab615c631",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/877d11f0332cd2160e19e3313e262754c321fa36",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

122
CVE-2022/CVE-2022-489xx/CVE-2022-48907.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48907",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.187",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:33:22.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,119 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: auxdisplay: lcd2s: corrige la p\u00e9rdida de memoria en ->remove() Una vez asignada, la estructura lcd2s_data nunca se libera. Solucione la p\u00e9rdida de memoria cambiando a devm_kzalloc()."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/3585ed5f9b11a6094dd991d76a1541e5d03b986a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/5d53cd33f4253aa4cf02bf7e670b3c6a99674351",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/898c0a15425a5bcaa8d44bd436eae5afd2483796",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/3585ed5f9b11a6094dd991d76a1541e5d03b986a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5d53cd33f4253aa4cf02bf7e670b3c6a99674351",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/898c0a15425a5bcaa8d44bd436eae5afd2483796",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

210
CVE-2022/CVE-2022-489xx/CVE-2022-48908.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48908",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.247",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:37:52.190",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,189 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: arcnet: com20020: corrija null-ptr-deref en com20020pci_probe() Durante la inicializaci\u00f3n del controlador, se requiere el puntero de informaci\u00f3n de la tarjeta, es decir, la variable 'ci'. Sin embargo, la definici\u00f3n de 'com20020pci_id_table' revela que este campo est\u00e1 vac\u00edo para algunos dispositivos, lo que provocar\u00e1 una desreferencia del puntero nulo al inicializar estos dispositivos. El siguiente registro lo revela: [3.973806] KASAN: null-ptr-deref en el rango [0x0000000000000028-0x000000000000002f] [3.973819] RIP: 0010:com20020pci_probe+0x18d/0x13e0 [com20020_p ci] [3.975181] Seguimiento de llamadas: [3.976208] local_pci_probe+0x13f /0x210 [3.977248] pci_device_probe+0x34c/0x6d0 [3.977255]? pci_uevent+0x470/0x470 [3.978265] very_probe+0x24c/0x8d0 [3.978273] __driver_probe_device+0x1b3/0x280 [3.979288] driver_probe_device+0x50/0x370 Solucione este problema comprobando primero si el 'ci' es un puntero nulo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/5f394102ee27dbf051a4e283390cd8d1759dacea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/8e3bc7c5bbf87e86e9cd652ca2a9166942d86206",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/b1ee6b9340a38bdb9e5c90f0eac5b22b122c3049",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b838add93e1dd98210482dc433768daaf752bdef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bd6f1fd5d33dfe5d1b4f2502d3694a7cc13f166d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ca0bdff4249a644f2ca7a49d410d95b8dacf1f72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/e50c589678e50f8d574612e473ca60ef45190896",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ea372aab54903310756217d81610901a8e66cb7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18",
"versionEndExcluding": "4.9.305",
"matchCriteriaId": "FD5759B6-D0C9-44AA-A127-E183C95F00A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.270",
"matchCriteriaId": "51C0B6F2-A904-4FE6-B06B-CE26226B22B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.233",
"matchCriteriaId": "B59A7E33-6262-458E-AC76-E8CC4E812344"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.183",
"matchCriteriaId": "76A7616E-E6B9-4A7F-AA7C-1D47F774215F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "764998FC-D1F7-4BAA-BD56-A553C7AB8F08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/5f394102ee27dbf051a4e283390cd8d1759dacea",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8e3bc7c5bbf87e86e9cd652ca2a9166942d86206",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b1ee6b9340a38bdb9e5c90f0eac5b22b122c3049",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b838add93e1dd98210482dc433768daaf752bdef",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/bd6f1fd5d33dfe5d1b4f2502d3694a7cc13f166d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ca0bdff4249a644f2ca7a49d410d95b8dacf1f72",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e50c589678e50f8d574612e473ca60ef45190896",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ea372aab54903310756217d81610901a8e66cb7d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

138
CVE-2022/CVE-2022-489xx/CVE-2022-48909.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48909",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.333",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:36:11.253",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,133 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: reparar fuga de conexi\u00f3n Hay un posible problema de fuga en la siguiente secuencia de ejecuci\u00f3n: smc_release smc_connect_work if (sk->sk_state == SMC_INIT) send_clc_confirim tcp_abort(); ... sk.sk_state = SMC_ACTIVE smc_close_active switch(sk->sk_state) { ... case SMC_ACTIVE: smc_close_final() // luego espera el par cerrado Desafortunadamente, tcp_abort() puede descartar los mensajes CLC CONFIRM que todav\u00eda est\u00e1n en el b\u00fafer de env\u00edo tcp , en cuyo caso nuestro token de conexi\u00f3n no se puede entregar al lado del servidor, lo que significa que no podemos recibir ning\u00fan mensaje de cierre pasivo. Por lo tanto, es imposible desconectarlo en absoluto. Este parche intenta una forma muy sencilla de evitar este problema, una vez que el estado ha cambiado a SMC_ACTIVE despu\u00e9s de tcp_abort(), podemos cancelar activamente la conexi\u00f3n smc, considerando que el estado es SMC_INIT antes de tcp_abort(), abandonar el proceso de desconexi\u00f3n completo no deber\u00eda causar demasiado problema. De hecho, este problema puede existir siempre y cuando el servidor no reciba el mensaje CONFIRM CLC. En el futuro se deber\u00e1 discutir si se debe agregar un temporizador despu\u00e9s de smc_close_final(). Pero aun as\u00ed, este parche proporciona una liberaci\u00f3n m\u00e1s r\u00e1pida para la conexi\u00f3n. En el caso anterior, tambi\u00e9n deber\u00eda ser valioso."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/2e8d465b83db307f04ad265848f8ab3f78f6918f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/80895b6f9154fb22d36fab311ccbb75503a2c87b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9f1c50cf39167ff71dc5953a3234f3f6eeb8fcb5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/e98d46ccfa84b35a9e4b1ccdd83961b41a5d7ce5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "C340B44A-7A5B-4A6D-AB90-C8B64B25908B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2e8d465b83db307f04ad265848f8ab3f78f6918f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/80895b6f9154fb22d36fab311ccbb75503a2c87b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f1c50cf39167ff71dc5953a3234f3f6eeb8fcb5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e98d46ccfa84b35a9e4b1ccdd83961b41a5d7ce5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

192
CVE-2022/CVE-2022-489xx/CVE-2022-48910.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48910",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.403",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:31:57.197",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,35 +15,175 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ipv6: aseg\u00farese de llamar a ipv6_mc_down() como m\u00e1ximo una vez. Hay dos razones para llamar a addrconf_notify() con NETDEV_DOWN: o el dispositivo de red realmente est\u00e1 cayendo o IPv6 estaba deshabilitado en la interfaz. Si alguno de ellos permanece inactivo mientras el otro est\u00e1 activado, llamamos repetidamente al c\u00f3digo para NETDEV_DOWN, incluido ipv6_mc_down(), pero nunca llamamos al ipv6_mc_up() correspondiente en el medio. Esto har\u00e1 que se asigne una nueva entrada en idev->mc_tomb para cada grupo de multidifusi\u00f3n al que est\u00e9 suscrita la interfaz, lo que a su vez filtrar\u00e1 una estructura ifmcaddr6 por cada grupo de multidifusi\u00f3n no trivial al que est\u00e9 suscrita la interfaz. El siguiente reproductor filtrar\u00e1 al menos $n objetos: ip addr add ff2e::4242/32 dev eth0 autojoin sysctl -w net.ipv6.conf.eth0.disable_ipv6=1 for i in $(seq 1 $n); configurar el enlace ip eth0; ip link set down eth0 done Unirse a grupos con IPV6_ADD_MEMBERSHIP (sin privilegios) o configurar sysctl net.ipv6.conf.eth0.forwarding en 1 (=> suscribirse a ff02::2) tambi\u00e9n se puede usar para crear un idev->mc_list no trivial , que filtrar\u00e1 objetos con la secuencia correcta de arriba a abajo. Seg\u00fan ambas fuentes de eventos NETDEV_DOWN, se debe considerar el estado de la interfaz IPv6: - no lista si la interfaz de red no est\u00e1 lista O IPv6 est\u00e1 deshabilitado - lista si la interfaz de red est\u00e1 lista Y IPv6 est\u00e1 habilitada Las funciones ipv6_mc_up() e ipv6_down() solo debe ejecutarse cuando este estado cambie. Implemente esto recordando cu\u00e1ndo el estado de IPv6 est\u00e1 listo y solo ejecute ipv6_mc_down() si realmente cambi\u00f3 de listo a no listo. La otra direcci\u00f3n (no listo -> listo) ya funciona correctamente, ya que: - la ruta de c\u00f3digo activada de notificaci\u00f3n de interfaz para NETDEV_UP / NETDEV_CHANGE regresa antes si ipv6 est\u00e1 deshabilitado, y - la ruta de c\u00f3digo activada enable_ipv6=0 omite la inicializaci\u00f3n completa de la interfaz siempre que addrconf_link_ready (dev) devuelve falso: llamar a ipv6_mc_up() repetidamente no filtra nada"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/72124e65a70b84e6303a5cd21b0ac1f27d7d61a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/9588ac2eddc2f223ebcebf6e9f5caed84d32922b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9995b408f17ff8c7f11bc725c8aa225ba3a63b1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/9a8736b2da28b24f01707f592ff059b9f90a058c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b11781515208dd31fbcd0b664078dce5dc44523f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c71bf3229f9e9dd60ba02f5a5be02066edf57012",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f4c63b24dea9cc2043ff845dcca9aaf8109ea38a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18",
"versionEndExcluding": "4.9.313",
"matchCriteriaId": "927E10B9-07A2-4D21-B518-62246BE28995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.278",
"matchCriteriaId": "050329AA-B7D6-45EA-9341-E396DC054423"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "5.4.193",
"matchCriteriaId": "A014E697-B30F-4699-8F9E-0FB4E2BB359C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "764998FC-D1F7-4BAA-BD56-A553C7AB8F08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/72124e65a70b84e6303a5cd21b0ac1f27d7d61a4",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9588ac2eddc2f223ebcebf6e9f5caed84d32922b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9995b408f17ff8c7f11bc725c8aa225ba3a63b1c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9a8736b2da28b24f01707f592ff059b9f90a058c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b11781515208dd31fbcd0b664078dce5dc44523f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c71bf3229f9e9dd60ba02f5a5be02066edf57012",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f4c63b24dea9cc2043ff845dcca9aaf8109ea38a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

210
CVE-2022/CVE-2022-489xx/CVE-2022-48911.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48911",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.483",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:24:58.060",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,189 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_queue: corrige posible use-after-free Eric Dumazet dice: El lado sock_hold() parece sospechoso, porque no hay garant\u00eda de que sk_refcnt no sea ya 0. En caso de falla, No podemos poner en cola el paquete y necesitamos indicar un error. La persona que llama descartar\u00e1 el paquete. v2: dividir el fragmento de captaci\u00f3n previa de skb en un cambio separado"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/21b27b2baa27423286e9b8d3f0b194d587083d95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/34dc4a6a7f261736ef7183868a5bddad31c7f9e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/43c25da41e3091b31a906651a43e80a2719aa1ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/4d05239203fa38ea8a6f31e228460da4cb17a71a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/c3873070247d9e3c7a6b0cf9bf9b45e8018427b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dd648bd1b33a828f62befa696b206c688da0ec43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/ef97921ccdc243170fcef857ba2a17cf697aece5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.29",
"versionEndExcluding": "4.9.305",
"matchCriteriaId": "C3F18B92-FE18-47E9-A7F2-16F95AB41486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.270",
"matchCriteriaId": "51C0B6F2-A904-4FE6-B06B-CE26226B22B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.233",
"matchCriteriaId": "B59A7E33-6262-458E-AC76-E8CC4E812344"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.183",
"matchCriteriaId": "76A7616E-E6B9-4A7F-AA7C-1D47F774215F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "764998FC-D1F7-4BAA-BD56-A553C7AB8F08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "B3A8E092-3021-4A34-8DCE-B89D2238818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/21b27b2baa27423286e9b8d3f0b194d587083d95",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/34dc4a6a7f261736ef7183868a5bddad31c7f9e3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/43c25da41e3091b31a906651a43e80a2719aa1ff",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/4d05239203fa38ea8a6f31e228460da4cb17a71a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/c3873070247d9e3c7a6b0cf9bf9b45e8018427b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dcc3cb920bf7ba66ac5e9272293a9ba5f80917ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dd648bd1b33a828f62befa696b206c688da0ec43",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ef97921ccdc243170fcef857ba2a17cf697aece5",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

144
CVE-2022/CVE-2022-489xx/CVE-2022-48914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48914",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.683",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:27:34.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,31 +15,131 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xen/netfront: destruye colas antes de que real_num_tx_queues se ponga a cero xennet_destroy_queues() se basa en info->netdev->real_num_tx_queues para eliminar colas. Dado que d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 (\"net-sysfs: actualice los recuentos de colas en la ruta de cancelaci\u00f3n de registro\"), unregister_netdev() establece indirectamente real_num_tx_queues en 0. Esos dos hechos juntos significan que xennet_destroy_queues() llamado desde xennet_remove() no puede hacer su trabajo, porque s llamado despu\u00e9s de unregister_netdev(). Esto da como resultado colas kfree-ing que todav\u00eda est\u00e1n vinculadas en napi, lo que finalmente falla: ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 0000000000000000 #PF: acceso de lectura del supervisor en modo kernel #PF: c\u00f3digo_error(0x0000) - PGD de p\u00e1gina no presente 0 P4D 0 Ups: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 52 Comm: xenwatch Tainted: GW 5.16.10-1.32.fc32.qubes.x86_64+ #226 RIP: 0010:free_netdev+0xa3/0x1a0 C\u00f3digo: ff 48 89 df e8 2e e9 00 00 48 8b 43 50 48 8b 08 48 8d b8 a0 fe ff ff 48 8d a9 a0 fe ff ff 49 39 c4 75 26 eb 47 e8 ed c1 66 ff <48> 8b 85 60 01 00 0 48 8d 95 60 01 00 00 48 89 ef 48 2d 60 01 00 RSP: 0000:ffffc90000bcfd00 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff88800edad000 RCX: 0000000000000 RDX: 0000000000000001 RSI: ffffc90000bcfc30 RDI: 00000000ffffffff RBP: fffffffffffffea0 R08: 00000000000000000 R09: 00000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800edad050 R13: ffff8880065f8f88 R14: 00000000000000000 R15: ffff8880066c6680 FS: 00000000000000(0000) GS:ffff8880f3300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: CR3: 00000000e998c006 CR4: 00000000003706e0 Seguimiento de llamadas: xennet_remove+0x13d/0x300 [xen_netfront] xenbus_dev_remove+0x6d/0xf0 __device_release_driver+0x17a/0x240 device_release_driver+0x24/ 0x30 bus_remove_device+0xd8/0x140 dispositivo_del+0x18b/0x410? _raw_spin_unlock+0x16/0x30? klist_iter_exit+0x14/0x20? xenbus_dev_request_and_reply+0x80/0x80 dispositivo_unregister+0x13/0x60 xenbus_dev_changed+0x18e/0x1f0 xenwatch_thread+0xc0/0x1a0 ? do_wait_intr_irq+0xa0/0xa0 kthread+0x16b/0x190 ? set_kthread_struct+0x40/0x40 ret_from_fork+0x22/0x30 Solucione este problema llamando a xennet_destroy_queues() desde xennet_uninit(), cuando real_num_tx_queues todav\u00eda est\u00e9 disponible. Esto garantiza que las colas se destruyan cuando real_num_tx_queues se establece en 0, independientemente de c\u00f3mo se llam\u00f3 a unregister_netdev(). Reportado originalmente en https://github.com/QubesOS/qubes-issues/issues/7257"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/198cdc287769c717dafff5887c6125cb7a373bf3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/47e2f166ed9fe17f24561d6315be2228f6a90209",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/a1753d5c29a6fb9a8966dcf04cb4f3b71e303ae8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/a63eb1e4a2e1a191a90217871e67fba42fd39255",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/b40c912624775a21da32d1105e158db5f6d0554a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/dcf4ff7a48e7598e6b10126cc02177abb8ae4f3f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.226",
"versionEndExcluding": "4.19.233",
"matchCriteriaId": "844F8286-579D-45F3-91F9-B0963A45C46A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.174",
"versionEndExcluding": "5.4.183",
"matchCriteriaId": "50DC6A9D-EDB7-4237-9253-6A36CB2A79E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.94",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "07144469-6081-4ABC-AD38-F23A8D9B3E86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.17",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "A3C6A607-7094-4C3C-B703-C6B5A1F87670"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.3",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "CA1CE57C-E9AE-4BFC-8E39-AECD1A63C9A0"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/198cdc287769c717dafff5887c6125cb7a373bf3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/47e2f166ed9fe17f24561d6315be2228f6a90209",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a1753d5c29a6fb9a8966dcf04cb4f3b71e303ae8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a63eb1e4a2e1a191a90217871e67fba42fd39255",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b40c912624775a21da32d1105e158db5f6d0554a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/dcf4ff7a48e7598e6b10126cc02177abb8ae4f3f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

136
CVE-2022/CVE-2022-489xx/CVE-2022-48916.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48916",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.797",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:11:36.230",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,133 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: se corrige el doble list_add al habilitar VMD en modo escalable Al habilitar VMD e IOMMU en modo escalable, se muestra el siguiente registro de kernel/rastreo de llamadas de p\u00e1nico del kernel en la plataforma Eagle Stream (CPU Sapphire Rapids) durante el arranque: pci 0000:59:00.5: Agregar al grupo iommu 42... vmd 0000:59:00.5: Puente de host PCI al bus 10000:80 pci 10000:80:01.0: [8086:352a] tipo 01 clase 0x060400 pci 10000:80:01.0: reg 0x10: [mem 0x00000000-0x0001ffff 64bit] pci 10000:80:01.0: habilitaci\u00f3n de etiquetas extendidas pci 10000:80:01.0: PME# compatible desde D0 D3hot D3cold pci 10 000:80: 01.0: DMAR: La configuraci\u00f3n de RID2PASID fall\u00f3 pci 10000:80:01.0: No se pudo agregar al grupo iommu 42: -16 pci 10000:80:03.0: [8086:352b] tipo 01 clase 0x060400 pci 10000:80:03.0: reg 0x10: [mem 0x00000000-0x0001ffff 64 bits] pci 10000:80:03.0: habilitaci\u00f3n de etiquetas extendidas pci 10000:80:03.0: PME# admitido desde D0 D3hot D3cold ------------[ cortar aqu\u00ed ]--- --------- \u00a1ERROR del kernel en lib/list_debug.c:29! c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.17.0-rc3+ #7 Nombre del hardware: Lenovo ThinkSystem SR650V3/SB27A86647, BIOS ESE101Y-1.00 01/13/ Cola de trabajo 2022: eventos work_for_cpu_fn RIP: 0010:__list_add_valid.cold+0x26/0x3f C\u00f3digo: 9a 4a ab ff 4c 89 c1 48 c7 c7 40 0c d9 9e e8 b9 b1 fe ff 0f 0b 48 89 f2 4c 89 c1 48 fe 48 c7 c7 f0 0c d9 9e e8 a2 b1 fe ff <0f> 0b 48 89 d1 4c 89 c6 4c 89 ca 48 c7 c7 98 0c d9 9e e8 8b b1 fe RSP: 0000:ff5ad434865b3a40 EFLAGS: 00010246 RAX: 00000000058 RBX: ff4d61160b74b880 RCX: ff4d61255e1fffa8 RDX: 0000000000000000 RSI: 00000000fffeffff RDI: ffffffff9fd34f20 RBP: ff4d611d8e245c00 R08: 0000000000000000 R09: 888 R10: ff5ad434865b3880 R11: ff4d61257fdc6fe8 R12: ff4d61160b74b8a0 R13: ff4d61160b74b8a0 R14: ff4d611d8e245c10 R15: ff4d611d8001ba70 0000000000000000(0000) GS:ff4d611d5ea00000(0000) knlGS :0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ff4d611fa1401000 CR3: 0000000aa0210001 CR4: 0000000000771ef0 DR0: 000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 PKRU: 55555554 Llamar Seguimiento: intel_pasid_alloc_table+0x9c/0x1d0 dmar_insert_one_dev_info+0x423/0x540? device_to_iommu+0x12d/0x2f0 intel_iommu_attach_device+0x116/0x290 __iommu_attach_device+0x1a/0x90 iommu_group_add_device+0x190/0x2c0 __iommu_probe_device+0x13e/0x250 iommu_probe_device+0 x24/0x150 iommu_bus_notifier+0x69/0x90 blocking_notifier_call_chain+0x5a/0x80 device_add+0x3db/0x7b0 ? arch_memremap_can_ram_remap+0x19/0x50? memremap+0x75/0x140 pci_device_add+0x193/0x1d0 pci_scan_single_device+0xb9/0xf0 pci_scan_slot+0x4c/0x110 pci_scan_child_bus_extend+0x3a/0x290 vmd_enable_domain.constprop.0+0x63e/0x 820 vmd_probe+0x163/0x190 local_pci_probe+0x42/0x80 work_for_cpu_fn+0x13/0x20 proceso_one_work +0x1e2/0x3b0 hilo_trabajador+0x1c4/0x3a0 ? hilo_rescate+0x370/0x370 kthread+0xc7/0xf0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x1f/0x30 m\u00f3dulos vinculados en: --- [end rastre 0xffffffff80000000-0xffffffffbffffff) ---[ fin del p\u00e1nico del kernel - no se sincroniza: excepci\u00f3n grave ]--- La siguiente salida 'lspci' muestra que los dispositivos '10000:80:*' son subdispositivos del dispositivo VMD 0000:59:00.5: $ lspci ... 0000:59:00.5 Controlador de bus RAID: Dispositivo de administraci\u00f3n de volumen Intel Corporation Controlador RAID NVMe (rev. 20) ... 10000:80:01.0 Puente PCI: Dispositivo Intel Corporation 352a (rev. 03) 10000:80:03.0 Puente PCI : Dispositivo Intel Corporation 352b (rev 03) 10000:80:05.0 Puente PCI: Dispositivo Intel Corporation 352c (rev 03) 10000:80:07.0 Puente PCI: Dispositivo Intel Corporation 352d (rev 03) 10000:81:00.0 Memoria no vol\u00e1til controlador: Intel Corporation NVMe Datacenter SSD [3DNAND, Beta Rock Controller] 10000:82:00 ---truncado---"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/2aaa085bd012a83be7104356301828585a2253ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/b00833768e170a31af09268f7ab96aecfcca9623",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/d5ad4214d9c6c6e465c192789020a091282dfee7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.19",
"versionEndExcluding": "5.13",
"matchCriteriaId": "8C2A0F7A-34D9-4DE2-893B-3C8AB10FFB6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.4",
"versionEndExcluding": "5.14",
"matchCriteriaId": "B6D2AA29-7EC0-4F37-94E7-CF564CCEF770"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "6EB0EE01-99B7-49FA-874A-693CEAAE69D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/2aaa085bd012a83be7104356301828585a2253ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b00833768e170a31af09268f7ab96aecfcca9623",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/d5ad4214d9c6c6e465c192789020a091282dfee7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

180
CVE-2022/CVE-2022-489xx/CVE-2022-48917.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48917",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:05.853",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:07:29.723",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,39 +15,159 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: ops: Shift valores probados en snd_soc_put_volsw() por +min Mientras que los valores $val/$val2 pasados desde el espacio de usuario son siempre >= 0 enteros, los l\u00edmites del control pueden ser n\u00fameros enteros con signo y $min puede ser distinto de cero y menor que cero. Para validar correctamente $val/$val2 contra platform_max, primero agregue el desplazamiento $min a val."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/050b1821f27c5d4fd5a298f6e62c3d3c9335e622",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/0b2ecc9163472128e7f30b517bee92dcd27ffc34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/6951a5888165a38bb7c39a2d18f5668b2f1241c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/69f42e41256d5a234d3ae0d35fa66dc6d8171846",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/70712d5afbbea898d5f51fa02e315fe0a4835043",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/7e0e4bc93811cf600508ff36f07abea7b40643ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9bdd10d57a8807dba0003af0325191f3cec0f11c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f3537f1b2bfd3b1df15723df49fc26eccd5112fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.300",
"versionEndExcluding": "4.9.305",
"matchCriteriaId": "7078F5FD-8C44-4848-8434-373F11E2437F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.265",
"versionEndExcluding": "4.14.270",
"matchCriteriaId": "EE350A5A-C35A-4391-8BF5-BD86BA58F692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.228",
"versionEndExcluding": "4.19.233",
"matchCriteriaId": "CAD48EEC-226F-4CEE-B62A-4C2E080C07DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.178",
"versionEndExcluding": "5.4.183",
"matchCriteriaId": "BFA7B940-F1DA-4FFA-B8CF-2207C6B13588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.99",
"versionEndExcluding": "5.10.104",
"matchCriteriaId": "EB68B618-D9A9-4D08-825F-95066EBB07B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.22",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "9274DE9A-1466-4660-ABE0-FCE84DFE75E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16.8",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "EDE53E28-A078-4F10-B3B9-EE8482DCFEC7"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/050b1821f27c5d4fd5a298f6e62c3d3c9335e622",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/0b2ecc9163472128e7f30b517bee92dcd27ffc34",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/6951a5888165a38bb7c39a2d18f5668b2f1241c7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/69f42e41256d5a234d3ae0d35fa66dc6d8171846",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/70712d5afbbea898d5f51fa02e315fe0a4835043",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/7e0e4bc93811cf600508ff36f07abea7b40643ed",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9bdd10d57a8807dba0003af0325191f3cec0f11c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/f3537f1b2bfd3b1df15723df49fc26eccd5112fe",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

111
CVE-2022/CVE-2022-489xx/CVE-2022-48920.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48920",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:06.080",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:04:26.640",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,108 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: elimina la advertencia en el commit de transacci\u00f3n cuando se usa fluoncommit Cuando se usa la opci\u00f3n de montaje fluoncommit, durante casi cada commit de transacci\u00f3n activamos una advertencia de __writeback_inodes_sb_nr(): $ cat fs/fs -writeback.c: (...) vac\u00edo est\u00e1tico __writeback_inodes_sb_nr(struct super_block *sb, ... { (...) WARN_ON(!rwsem_is_locked(&sb->s_umount)); (...) } (... ) La traza producida en dmesg se parece a la siguiente: [947.473890] ADVERTENCIA: CPU: 5 PID: 930 en fs/fs-writeback.c:2610 __writeback_inodes_sb_nr+0x7e/0xb3 [947.481623] M\u00f3dulos vinculados en: nfsd nls_cp437 cifs asn1_decoder s_arc4 fscache cifs_md4 ipmi_ssif [947.489571] CPU: 5 PID: 930 Comm: btrfs-transacti No contaminado 95.16.3-srb-asrock-00001-g36437ad63879 #186 [947.497969] RIP: __writeback_inodes_sb_nr +0x7e/0xb3 [947.502097] C\u00f3digo: 24 10 4c 89 44 24 18 c6 (...) [947.519760] RSP: 0018:ffffc90000777e10 EFLAGS: 00010246 [947.523818] RAX: 0000000000000000 RBX: 0000000000963300 X: 0000000000000000 [947.529765] RDX: 0000000000000000 RSI: 000000000000fa51 RDI: ffffc90000777e50 [947.535740] RBP : ffff888101628a90 R08: ffff888100955800 R09: ffff888100956000 [947.541701] R10: 00000000000000002 R11: 0000000000000001 R12: ffff88810096 3488 [947.547645] R13: ffff888100963000 R14: ffff888112fb7200 R15: ffff888100963460 [947.553621] FS: 0000000000000000(0000) GS:ffff88841fd40 000(0000) knlGS:0000000000000000 [947.560537] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [947.565122] CR2: 0000000008be50c4 CR3: 000000000220c000 CR4: 00000000001006e 0 [947.571072] Seguimiento de llamadas: [947.572354] [947.573266] btrfs_commit_transaction+0x1f1/0x998 [947.576785] ? start_transaction+0x3ab/0x44e [947.579867] ? Schedule_timeout+0x8a/0xdd [947.582716] transacci\u00f3n_kthread+0xe9/0x156 [947.585721] ? btrfs_cleanup_transaction.isra.0+0x407/0x407 [947.590104] kthread+0x131/0x139 [947.592168] ? set_kthread_struct+0x32/0x32 [947.595174] ret_from_fork+0x22/0x30 [947.597561] [947.598553] ---[ end trace 644721052755541c ]--- Esto se debe a que comenzamos a usar writeback_inodes_sb() para vaciar delalloc cuando cometer una transacci\u00f3n (cuando se usa -o fluoncommit), para evitar interbloqueos con las operaciones de congelaci\u00f3n del sistema de archivos. Este cambio se realiz\u00f3 mediante el commit ce8ea7cc6eb313 (\"btrfs: no llame a btrfs_start_delalloc_roots en flowoncommit\"). Despu\u00e9s de ese cambio, comenzamos a producir esa advertencia y, de vez en cuando, un usuario informa esto ya que la advertencia ocurre con demasiada frecuencia, env\u00eda spam a dmesg/syslog y el usuario no est\u00e1 seguro de si esto refleja alg\u00fan problema que pueda comprometer la confiabilidad del sistema de archivos. No podemos simplemente bloquear el sem\u00e1foro sb->s_umount antes de llamar a writeback_inodes_sb(), porque eso al menos bloquear\u00eda el sistema de archivos, ya que en fs/super.c:freeze_super() se llama a sync_filesystem() mientras mantenemos ese sem\u00e1foro en modo de escritura, y eso puede desencadenar un commit de transacci\u00f3n, lo que resulta en un punto muerto. Tambi\u00e9n desencadenar\u00eda el mismo tipo de punto muerto en la ruta de desmontaje. Posiblemente, tambi\u00e9n podr\u00eda introducir algunas otras dependencias de bloqueo que lockdep informar\u00eda. Para solucionar este problema, llame a try_to_writeback_inodes_sb() en lugar de writeback_inodes_sb(), porque intentar\u00e1 leer el bloqueo sb->s_umount y luego solo llamar\u00e1 a writeback_inodes_sb() si pudo bloquearlo. Esto est\u00e1 bien porque los casos en los que no puede leer el bloqueo sb->s_umount son durante un desmontaje del sistema de archivos o durante una congelaci\u00f3n del sistema de archivos; en esos casos, sb->s_umount est\u00e1 bloqueado contra escritura y se llama a sync_filesystem(), que llama a writeback_inodes_sb() . En otras palabras, en todos los casos en los que no podemos adoptar un bloqueo de lectura en sb->s_umount, la reescritura ya se est\u00e1 activando en otro lugar. ---truncado---"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/850a77c999b81dd2724efd2684068d6f90db8c16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/a0f0cf8341e34e5d2265bfd3a7ad68342da1e2aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/e4d044dbffcd570351f21c747fc77ff90aed7f2e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "A48510A0-1C49-4D24-BB6E-AC9B5F1C4DFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/850a77c999b81dd2724efd2684068d6f90db8c16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/a0f0cf8341e34e5d2265bfd3a7ad68342da1e2aa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e4d044dbffcd570351f21c747fc77ff90aed7f2e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

130
CVE-2022/CVE-2022-489xx/CVE-2022-48921.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48921",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:08.197",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T12:58:50.660",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,125 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: sched/fair: Solucionar falla en reweight_entity Syzbot encontr\u00f3 un GPF en reweight_entity. Esto se ha dividido en dos para el commit 4ef0c5c6b5ba (\"kernel/sched: Fix sched_fork() accede a un sched_task_group no v\u00e1lido\") Hay una ejecuci\u00f3n entre sched_post_fork() y setpriority(PRIO_PGRP) dentro de un grupo de subprocesos que provoca un null-ptr-deref en reweight_entity () en el SFC. El escenario es que el proceso principal genera una cantidad de subprocesos nuevos, que luego llaman a setpriority(PRIO_PGRP, 0, -20), esperan y salen. Para cada uno de los nuevos subprocesos, se invoca copy_process(), lo que agrega la nueva task_struct y llama a sched_post_fork() para ello. En el escenario anterior existe la posibilidad de que se llame a setpriority(PRIO_PGRP) y set_one_prio() para un subproceso en el grupo que acaba de crear copy_process(), y para el cual sched_post_fork() a\u00fan no se ha ejecutado. Esto desencadenar\u00e1 una desreferencia del puntero nulo en reweight_entity(), ya que intentar\u00e1 acceder al puntero de la cola de ejecuci\u00f3n, que no se ha configurado. Antes del cambio mencionado, el puntero cfs_rq para la tarea se configur\u00f3 en sched_fork(), que se llama mucho antes en copy_process(), antes de que la nueva tarea se agregue al thread_group. Ahora se hace en sched_post_fork(), que se llama despu\u00e9s de eso. Para solucionar el problema, elimine el par\u00e1metro update_load de la funci\u00f3n update_load param() y llame a reweight_task() solo si el indicador de tarea no tiene establecido el indicador TASK_NEW."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/13765de8148f71fa795e0a6607de37c49ea5915a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/589a954daab5e18399860b6c8ffaeaf79844eb20",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/8f317cd888059c59e2fa924bf4b0957cfa53f78e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/e0bcd6b5779352aed88f2e538a82a39f1a7715bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.80",
"versionEndExcluding": "5.10.137",
"matchCriteriaId": "82480749-56E0-4A46-85BF-C3C44B1F8706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.14.19",
"versionEndExcluding": "5.15",
"matchCriteriaId": "CC24A46F-AAF0-46A3-9255-D235078D50BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.3",
"versionEndExcluding": "5.15.27",
"matchCriteriaId": "61C603D7-C7CD-4505-AF1B-EBFDD4D152AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.13",
"matchCriteriaId": "B871B667-EDC0-435D-909E-E918D8D90995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/13765de8148f71fa795e0a6607de37c49ea5915a",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/589a954daab5e18399860b6c8ffaeaf79844eb20",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8f317cd888059c59e2fa924bf4b0957cfa53f78e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e0bcd6b5779352aed88f2e538a82a39f1a7715bb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

133
CVE-2022/CVE-2022-489xx/CVE-2022-48922.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48922",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:08.267",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T12:52:54.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,23 +15,128 @@
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: corrige los errores causados por el rastreador de latencia irqsoff trace_hardirqs_{on,off}() requiere que la persona que llama configure el puntero del marco correctamente. Esto se debe a que estas dos funciones utilizan la macro 'CALLER_ADDR1' (tambi\u00e9n conocida como __builtin_return_address(1)) para adquirir informaci\u00f3n de la persona que llama. Si $fp se usa para otro prop\u00f3sito, el c\u00f3digo generado en esta macro (como se muestra a continuaci\u00f3n) podr\u00eda provocar una falla de acceso a la memoria. 0xffffffff8011510e <+80>: ld a1,-16(s0) 0xffffffff80115112 <+84>: ld s2,-8(a1) # <-- error de paginaci\u00f3n aqu\u00ed El mensaje de ups durante el arranque si se compila con el rastreador 'irqoff' habilitado: [ 0.039615][T0] No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 00000000000000f8 [0.041925][T0] Ups [#1] [0.042063][T0] M\u00f3dulos vinculados en: [0.042864][T0] CPU: 0 PID: 0 Comm : swapper/0 No contaminado 5.17.0-rc1-00233-g9a20c48d1ed2 #29 [ 0.043568][ T0] Nombre de hardware: riscv-virtio,qemu (DT) [ 0.044343][ T0] epc : trace_hardirqs_on+0x56/0xe2 [ 0.044601] [T0] ra: restaurar_all+0x12/0x6e [0.044721][T0] epc: ffffffff80126a5c ra: ffffffff80003b94 sp: ffffffff81403db0 [0.044801][T0] gp: ffffffff8163acd8 tp: ffffffff81414880 t0: 0000000000000020 [0.044882][T0] t1: 0098968000000000 t2 : 0000000000000000 s0 : ffffffff81403de0 [ 0.044967][ T0] s1 : 0000000000000000 a0 : 0000000000000001 a1 : 0000000000000100 [ 0.045046][ T0] a2: 0000000000000000 a3: 0000000000000000 a4: 0000000000000000 [0.045124][T0] a5: 00000000000000000 a6: 0000000000000000 a7: 000000 0054494d45 [ 0.045210][ T0] s2 : ffffffff80003b94 s3 : ffffffff81a8f1b0 s4 : ffffffff80e27b50 [ 0.045289][ T0] s5 : ffffffff81414880 s6 : ffffffff8160fa00 s7 : 00800120e8 [ 0.045389][ T0] s8 : 0000000080013100 s9 : 000000000000007f s10: 00000000000000000 [ 0.045474][ T0 ] s11: 0000000000000000 t3: 7ffffffffffffff t4: 0000000000000000 [0.045548][T0] t5: 0000000000000000 t6: ffffffff814aa368 [0.045620][T0] 0000000200000100 badaddr: 00000000000000f8 causa: 000000000000000d [ 0.046402][ T0] [] restaurar_todo+ 0x12/0x6e Esto porque el $fp(aka. $s0) el registro no se utiliza como puntero de marco en el c\u00f3digo de entrada del ensamblado. resume_kernel: reg_l s0, task_ti_preempt_count (tp) bnez s0, restaure_all reg_l s0, task_ti_flags (tp) andi s0, s0, _tif_need_resched beqz s0, restaure_all call preempt_schedul S_ { on,off}() para que puedan ser llamados de forma segura mediante un c\u00f3digo de entrada de bajo nivel."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/1851b9a467065b18ec2cba156eea345206df1c8f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/22e2100b1b07d6f5acc71cc1acb53f680c677d77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/9e2dbc31e367d08ee299a0d8aeb498cb2e12a1c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://git.kernel.org/stable/c/b5e180490db4af8c0f80c4b65ee482d333d0e8ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.9",
"versionEndExcluding": "5.10.103",
"matchCriteriaId": "7144C576-97DF-4D5F-B88F-F55AF9826BF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.26",
"matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.12",
"matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/1851b9a467065b18ec2cba156eea345206df1c8f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/22e2100b1b07d6f5acc71cc1acb53f680c677d77",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9e2dbc31e367d08ee299a0d8aeb498cb2e12a1c3",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/b5e180490db4af8c0f80c4b65ee482d333d0e8ee",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

116
CVE-2022/CVE-2022-489xx/CVE-2022-48923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48923",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-22T02:15:08.377",
"lastModified": "2024-08-22T12:48:02.790",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T12:50:02.173",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -15,19 +15,113 @@
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: btrfs: evita copiar un segmento lzo comprimido demasiado grande. La longitud comprimida puede corromperse y ser mucho mayor que la memoria que hemos asignado para el b\u00fafer. Esto har\u00e1 que memcpy en copy_compressed_segment escriba fuera de la memoria asignada. Esto principalmente da como resultado una llamada al sistema de lectura bloqueada, pero a veces, cuando se usa el env\u00edo btrfs, se puede obtener el kernel #GP: falla de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0x841551d5c1000: 0000 [#1] Kernel PREEMPT SMP NOPTI: CPU: 17 PID: 264 Comm: kworker /u256:7 Contaminado: P OE 5.17.0-rc2-1 #12 kernel: Workqueue: btrfs-endio btrfs_work_helper [btrfs] kernel: RIP: 0010:lzo_decompress_bio (./include/linux/fortify-string.h:225 fs /btrfs/lzo.c:322 fs/btrfs/lzo.c:394) C\u00f3digo btrfs que comienza con la instrucci\u00f3n err\u00f3nea ========================== ================== 0:* 48 8b 06 mov (%rsi),%rax <-- instrucci\u00f3n de captura 3: 48 8d 79 08 lea 0x8(%rcx), %rdi 7: 48 83 e7 f8 y $0xffffffffffffffff8,%rdi b: 48 89 01 mov %rax,(%rcx) e: 44 89 f0 mov %r14d,%eax 11: 48 8b 54 06 f8 mov -0x8(% rsi,%rax,1),%rdx kernel: RSP: 0018:ffffb110812efd50 EFLAGS: 00010212 kernel: RAX: 0000000000001000 RBX: 000000009ca264c8 RCX: ffff98996e6d8ff8 kernel: RDX: 0000000064 RSI: 000841551d5c1000 RDI: ffffffff9500435d kernel: RBP: ffff989a3be856c0 R08: 0000000000000000 R09: 0000000000000000 kernel: R10: 0000000000000000 R11: 0000000000001000 R12: ffff98996e6d8000 kernel: R13: 0000000000000008 R14: 00000000000 01000 R15: 000841551d5c1000 kernel: FS: 0000000000000000(0000) GS:ffff98a09d640000(0000) knlGS:00000000000000000 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel: CR2: 00001e9f984d9ea8 CR3: 000000014971a000 CR4: 00000000003506e0 kernel: Seguimiento de llamadas: kernel: kernel: end_compressed_bio_read (fs/btrfs/compression.c: 104 fs/btrfs/compression.c:1363 fs /btrfs/compression.c:323) kernel btrfs: end_workqueue_fn (fs/btrfs/disk-io.c:1923) kernel btrfs: btrfs_work_helper (fs/btrfs/async-thread.c:326) kernel btrfs: Process_one_work (./ arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:212 ./include/trace/events/workqueue.h:108 kernel/workqueue.c:2312) kernel: trabajador_thread (. /include/linux/list.h:292 kernel/workqueue.c:2455) kernel:? Process_one_work (kernel/workqueue.c:2397) kernel: kthread (kernel/kthread.c:377) kernel:? kthread_complete_and_exit (kernel/kthread.c:332) kernel: ret_from_fork (arch/x86/entry/entry_64.S:301) kernel: "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://git.kernel.org/stable/c/741b23a970a79d5d3a1db2d64fa2c7b375a4febb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://git.kernel.org/stable/c/8df508b7a44cd8110c726057cd28e8f8116885eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://git.kernel.org/stable/c/e326bd06cdde46df952361456232022298281d16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.26",
"matchCriteriaId": "0988E2F0-011E-46E9-BFAE-17673706CBBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.12",
"matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/741b23a970a79d5d3a1db2d64fa2c7b375a4febb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/8df508b7a44cd8110c726057cd28e8f8116885eb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e326bd06cdde46df952361456232022298281d16",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}

34
CVE-2023/CVE-2023-369xx/CVE-2023-36947.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36947",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-16T05:15:49.740",
"lastModified": "2023-10-19T11:10:15.513",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:13.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-369xx/CVE-2023-36950.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36950",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-16T06:15:10.253",
"lastModified": "2023-10-19T11:10:37.533",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:15.180",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-459xx/CVE-2023-45984.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45984",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-16T18:15:16.510",
"lastModified": "2023-10-19T13:05:29.860",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:15.987",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-510xx/CVE-2023-51014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51014",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T19:15:09.403",
"lastModified": "2023-12-27T21:10:13.203",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:17.787",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-510xx/CVE-2023-51025.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51025",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T18:15:07.860",
"lastModified": "2023-12-27T21:10:57.747",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:20.590",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

24
CVE-2023/CVE-2023-52xx/CVE-2023-5203.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5203",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-26T19:15:07.770",
"lastModified": "2024-01-02T20:43:49.667",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:21.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},

34
CVE-2023/CVE-2023-61xx/CVE-2023-6155.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6155",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-12-26T19:15:08.307",
"lastModified": "2024-01-02T20:16:59.773",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T13:35:21.663",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-287"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

8
CVE-2024/CVE-2024-203xx/CVE-2024-20304.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20304",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:11.853",
"lastModified": "2024-09-11T17:15:11.853",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device.\r\n\r\nThis vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory. The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition.\r\nNote: This vulnerability can be exploited using IPv4 or IPv6."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n multicast traceroute versi\u00f3n 2 (Mtrace2) del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado agote la memoria de paquetes UDP de un dispositivo afectado. Esta vulnerabilidad existe porque el c\u00f3digo Mtrace2 no maneja correctamente la memoria de paquetes. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes manipulados a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante agote la memoria de paquetes UDP entrantes. El dispositivo afectado no podr\u00eda procesar paquetes de protocolos basados en UDP de nivel superior, lo que posiblemente provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Nota: Esta vulnerabilidad se puede aprovechar utilizando IPv4 o IPv6."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20317.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20317",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:12.043",
"lastModified": "2024-09-11T17:15:12.043",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el manejo de tramas Ethernet espec\u00edficas por parte del software Cisco IOS XR para varias plataformas Cisco Network Convergence System (NCS) podr\u00eda permitir que un atacante adyacente no autenticado provoque que se descarten paquetes de prioridad cr\u00edtica, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la clasificaci\u00f3n incorrecta de ciertos tipos de tramas Ethernet que se reciben en una interfaz. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tipos espec\u00edficos de tramas Ethernet al dispositivo afectado o a trav\u00e9s de \u00e9l. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que las relaciones de protocolo del plano de control fallen, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio. Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n de este aviso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20343.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20343",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:12.223",
"lastModified": "2024-09-11T17:15:12.223",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device.\r\n\r\nThis vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful exploit could allow the attacker access files in read-only mode on the Linux file system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado lea cualquier archivo en el sistema de archivos del sistema operativo Linux subyacente. El atacante debe tener credenciales v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los argumentos que se pasan a un comando CLI espec\u00edfico. Un atacante podr\u00eda aprovechar esta vulnerabilidad iniciando sesi\u00f3n en un dispositivo afectado con credenciales con pocos privilegios y utilizando el comando afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante acceda a archivos en modo de solo lectura en el sistema de archivos Linux."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20381.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20381",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:12.403",
"lastModified": "2024-09-11T17:15:12.403",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.\r\n\r\nThis vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n API JSON-RPC en ConfD que utilizan las interfaces de administraci\u00f3n basadas en web de Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager y Cisco RV340 Dual WAN Gigabit VPN Routers podr\u00eda permitir que un atacante remoto autenticado modifique la configuraci\u00f3n de una aplicaci\u00f3n o dispositivo afectado. Esta vulnerabilidad se debe a comprobaciones de autorizaci\u00f3n incorrectas en la API. Un atacante con privilegios suficientes para acceder a la aplicaci\u00f3n o dispositivo afectado podr\u00eda explotar esta vulnerabilidad enviando solicitudes maliciosas a la API JSON-RPC. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante realizar modificaciones no autorizadas a la configuraci\u00f3n de la aplicaci\u00f3n o dispositivo afectado, incluida la creaci\u00f3n de nuevas cuentas de usuario o la elevaci\u00f3n de sus propios privilegios en un sistema afectado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20390.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20390",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:12.613",
"lastModified": "2024-09-11T17:15:12.613",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.\r\n\r\nThis vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, crafted stream of XML traffic to a targeted device. A successful exploit could allow the attacker to cause XML TCP port 38751 to become unreachable while the attack traffic persists."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n Dedicated XML Agent del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado provoque una denegaci\u00f3n de servicio (DoS) en el puerto de escucha XML TCP 38751. Esta vulnerabilidad se debe a la falta de una validaci\u00f3n de errores adecuada de los paquetes XML de entrada. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un flujo continuo y elaborado de tr\u00e1fico XML a un dispositivo de destino. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el puerto XML TCP 38751 se vuelva inaccesible mientras persista el tr\u00e1fico de ataque."
}
],
"metrics": {

8
CVE-2024/CVE-2024-203xx/CVE-2024-20398.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20398",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:12.860",
"lastModified": "2024-09-11T17:15:12.860",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI del software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado obtenga acceso de lectura y escritura al sistema de archivos en el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos de usuario que se pasan a comandos CLI espec\u00edficos. Un atacante con una cuenta con pocos privilegios podr\u00eda aprovechar esta vulnerabilidad mediante el uso de comandos manipulados en el indicador. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante elevar los privilegios a superusuario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20406.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20406",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:13.040",
"lastModified": "2024-09-11T17:15:13.040",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition.\r\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de enrutamiento de segmentos para el protocolo de sistema intermedio a sistema intermedio (IS-IS) del software Cisco IOS XR podr\u00eda permitir que un atacante adyacente no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de los paquetes IS-IS de entrada. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes IS-IS espec\u00edficos a un dispositivo afectado despu\u00e9s de formar una adyacencia. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso IS-IS en todos los dispositivos afectados que participan en el algoritmo flexible se bloquee y se reinicie, lo que da como resultado una condici\u00f3n de DoS. Nota: El protocolo IS-IS es un protocolo de enrutamiento. Para aprovechar esta vulnerabilidad, un atacante debe estar adyacente a la capa 2 del dispositivo afectado y debe haber formado una adyacencia. Esta vulnerabilidad afecta al enrutamiento de segmentos para IS-IS sobre planos de control IPv4 e IPv6, as\u00ed como a dispositivos que est\u00e1n configurados como tipo IS-IS de enrutamiento de nivel 1, nivel 2 o multinivel."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20483.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20483",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:13.213",
"lastModified": "2024-09-11T17:15:13.213",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the PON Controller container and execute arbitrary commands as root.\r\n\r\nThese vulnerabilities are due to insufficient validation of arguments that are passed to specific configuration commands. An attacker could exploit these vulnerabilities by including crafted input as the argument of an affected configuration command. A successful exploit could allow the attacker to execute arbitrary commands as root on the PON controller."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en el software Cisco Routed PON Controller, que se ejecuta como un contenedor Docker en hardware compatible con el software Cisco IOS XR, podr\u00edan permitir que un atacante remoto autenticado con privilegios de nivel de administrador en el administrador de PON o acceso directo a la instancia MongoDB del administrador de PON realice ataques de inyecci\u00f3n de comandos en el contenedor del controlador de PON y ejecute comandos arbitrarios como superusuario. Estas vulnerabilidades se deben a una validaci\u00f3n insuficiente de los argumentos que se pasan a comandos de configuraci\u00f3n espec\u00edficos. Un atacante podr\u00eda aprovechar estas vulnerabilidades al incluir una entrada manipulada como argumento de un comando de configuraci\u00f3n afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios como superusuario en el controlador de PON."
}
],
"metrics": {

8
CVE-2024/CVE-2024-204xx/CVE-2024-20489.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-20489",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-09-11T17:15:13.393",
"lastModified": "2024-09-11T17:15:13.393",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.\r\n\r\nThis vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00e9todo de almacenamiento del archivo de configuraci\u00f3n del controlador PON podr\u00eda permitir que un atacante local autenticado con privilegios bajos obtenga las credenciales de MongoDB. Esta vulnerabilidad se debe al almacenamiento inadecuado de las credenciales de la base de datos sin cifrar en el dispositivo que ejecuta el software Cisco IOS XR. Un atacante podr\u00eda aprovechar esta vulnerabilidad accediendo a los archivos de configuraci\u00f3n en un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver las credenciales de MongoDB."
}
],
"metrics": {

8
CVE-2024/CVE-2024-20xx/CVE-2024-2010.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-2010",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-12T09:15:05.210",
"lastModified": "2024-09-12T09:15:05.210",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE Informatics V5 allows Reflected XSS.This issue affects V5: before 6.2."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de etiquetas HTML relacionadas con scripts en una p\u00e1gina web (XSS b\u00e1sico) en TE Informatics V5 permite XSS reflejado. Este problema afecta a V5: anteriores a 6.2."
}
],
"metrics": {

56
CVE-2024/CVE-2024-273xx/CVE-2024-27320.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-27320",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:11.987",
"lastModified": "2024-09-12T13:15:11.987",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code will be passed to an eval function which executes it."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-273xx/CVE-2024-27321.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-27321",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:12.267",
"lastModified": "2024-09-12T13:15:12.267",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a user creates a multilabel classification task using a maliciously crafted CSV file containing Python code, the code will be passed to an eval function which executes it."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-autolabel/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

8
CVE-2024/CVE-2024-289xx/CVE-2024-28981.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-28981",
"sourceIdentifier": "security.vulnerabilities@hitachivantara.com",
"published": "2024-09-12T00:15:02.127",
"lastModified": "2024-09-12T00:15:02.127",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields."
},
{
"lang": "es",
"value": "Las versiones de Hitachi Vantara Pentaho Data Integration & Analytics anteriores a 10.1.0.0 y 9.3.0.8, incluida 8.3.x, revelan contrase\u00f1as de bases de datos al buscar campos inyectables de metadatos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-298xx/CVE-2024-29847.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-29847",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.077",
"lastModified": "2024-09-12T02:15:02.077",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution."
},
{
"lang": "es",
"value": "La deserializaci\u00f3n de datos no confiables en el portal del agente de Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante remoto no autenticado logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-31xx/CVE-2024-3163.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-3163",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-09-12T06:15:23.607",
"lastModified": "2024-09-12T06:15:23.607",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack"
},
{
"lang": "es",
"value": "El complemento Easy Property Listings de WordPress anterior a la versi\u00f3n 3.5.4 no tiene verificaci\u00f3n CSRF al eliminar contactos en masa, lo que podr\u00eda permitir a los atacantes hacer que un administrador que haya iniciado sesi\u00f3n los elimine mediante un ataque CSRF."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-328xx/CVE-2024-32840.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32840",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.257",
"lastModified": "2024-09-12T02:15:02.257",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-328xx/CVE-2024-32842.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32842",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.417",
"lastModified": "2024-09-12T02:15:02.417",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-328xx/CVE-2024-32843.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32843",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.567",
"lastModified": "2024-09-12T02:15:02.567",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-328xx/CVE-2024-32845.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32845",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.730",
"lastModified": "2024-09-12T02:15:02.730",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-328xx/CVE-2024-32846.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32846",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:02.883",
"lastModified": "2024-09-12T02:15:02.883",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-328xx/CVE-2024-32848.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-32848",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.043",
"lastModified": "2024-09-12T02:15:03.043",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

78
CVE-2024/CVE-2024-33xx/CVE-2024-3305.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-3305",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-12T13:15:12.540",
"lastModified": "2024-09-12T13:15:12.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "LOW",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1457",
"source": "iletisim@usom.gov.tr"
}
]
}

78
CVE-2024/CVE-2024-33xx/CVE-2024-3306.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2024-3306",
"sourceIdentifier": "iletisim@usom.gov.tr",
"published": "2024-09-12T13:15:12.767",
"lastModified": "2024-09-12T13:15:12.767",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "iletisim@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
}
]
},
"weaknesses": [
{
"source": "iletisim@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1457",
"source": "iletisim@usom.gov.tr"
}
]
}

8
CVE-2024/CVE-2024-347xx/CVE-2024-34779.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34779",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.207",
"lastModified": "2024-09-12T02:15:03.207",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-347xx/CVE-2024-34783.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34783",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.380",
"lastModified": "2024-09-12T02:15:03.380",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-347xx/CVE-2024-34785.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-34785",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.540",
"lastModified": "2024-09-12T02:15:03.540",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution."
},
{
"lang": "es",
"value": "Una inyecci\u00f3n SQL no especificada en Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante autenticado remoto con privilegios de administrador logre la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-373xx/CVE-2024-37397.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-37397",
"sourceIdentifier": "support@hackerone.com",
"published": "2024-09-12T02:15:03.700",
"lastModified": "2024-09-12T02:15:03.700",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to leak API secrets."
},
{
"lang": "es",
"value": "Una vulnerabilidad de entidad XML externa (XXE) en el servicio web de aprovisionamiento de Ivanti EPM antes de 2022 SU6 o la actualizaci\u00f3n de septiembre de 2024 permite que un atacante remoto no autenticado filtre secretos de API."
}
],
"metrics": {

8
CVE-2024/CVE-2024-382xx/CVE-2024-38222.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-38222",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-09-12T03:15:02.983",
"lastModified": "2024-09-12T03:15:02.983",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Microsoft Edge (basado en Chromium)"
}
],
"metrics": {

12
CVE-2024/CVE-2024-385xx/CVE-2024-38577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38577",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-19T14:15:17.787",
"lastModified": "2024-08-01T20:13:24.763",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:47.620",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -99,6 +99,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/17c43211d45f13d1badea3942b76bf16bcc49281",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/1a240e138071b25944ded0f5b3e357aa99fabcb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -120,6 +124,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/af7b560c88fb420099e29890aa682b8a3efc8784",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cc5645fddb0ce28492b15520306d092730dffa48",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

112
CVE-2024/CVE-2024-395xx/CVE-2024-39591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39591",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T05:15:13.347",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:29:47.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,92 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3477423",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_102:*:*:*:*:*:*:*",
"matchCriteriaId": "3273C74F-E5FE-47A2-B7F8-E76095A64359"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_103:*:*:*:*:*:*:*",
"matchCriteriaId": "65DD3306-BD29-4E59-A0BE-7BEFB80E83A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_104:*:*:*:*:*:*:*",
"matchCriteriaId": "49820851-29AD-4467-9CC9-6938197538A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_105:*:*:*:*:*:*:*",
"matchCriteriaId": "6012CA9C-F45A-44FD-84A2-960D41638458"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_106:*:*:*:*:*:*:*",
"matchCriteriaId": "25337ED2-24AC-4329-89FE-2ACC8F806721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_107:*:*:*:*:*:*:*",
"matchCriteriaId": "A48BA465-1906-4E24-BCC4-43677988EE56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:s4fnd_108:*:*:*:*:*:*:*",
"matchCriteriaId": "7562A2A3-BBA4-4FE7-800C-1D0A9FD750D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:sap_bs_fnd_702:*:*:*:*:*:*:*",
"matchCriteriaId": "3A14342E-3477-457C-AF13-54AFFA9DE1C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:sap_bs_fnd_731:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FA8D4E-C6EB-4DD9-9729-0CE94FC1023D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:sap_bs_fnd_746:*:*:*:*:*:*:*",
"matchCriteriaId": "B2ED89F2-6C57-4393-9D7C-EF02C399F514"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:sap_bs_fnd_747:*:*:*:*:*:*:*",
"matchCriteriaId": "8D738350-C117-4248-9334-2D1540986E34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:document_builder:sap_bs_fnd_748:*:*:*:*:*:*:*",
"matchCriteriaId": "9242A4C0-3C2B-4877-A3CA-F17C2A036162"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3477423",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-417xx/CVE-2024-41730.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41730",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:08.050",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:56:51.237",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,42 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3479478",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_430:*:*:*:*:*:*:*",
"matchCriteriaId": "0764428E-CA9F-4BEF-90A9-E81D21398B91"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:enterprise_440:*:*:*:*:*:*:*",
"matchCriteriaId": "C464A193-F7CE-49A3-9B9D-17C1EA8E08AF"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3479478",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-417xx/CVE-2024-41733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41733",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:08.987",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:55:49.880",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +81,42 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3471450",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:commerce:com_cloud_2211:*:*:*:*:*:*:*",
"matchCriteriaId": "9675EB72-CE1B-44EB-830C-5EE3760B4E8C"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:commerce:hy_com_2205:*:*:*:*:*:*:*",
"matchCriteriaId": "1D604185-AD43-4C48-8B43-ADC9560A677E"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3471450",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

127
CVE-2024/CVE-2024-417xx/CVE-2024-41734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41734",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T05:15:13.587",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:28:03.450",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,107 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3494349",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_700:*:*:*:*:*:*:*",
"matchCriteriaId": "AB7909F4-1D66-4C4F-95F3-34ACB0190DB8"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_701:*:*:*:*:*:*:*",
"matchCriteriaId": "F8310EBA-2438-427F-80C2-BE151E35D97D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_702:*:*:*:*:*:*:*",
"matchCriteriaId": "732E155D-C866-4F0E-BC86-037B94308B7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_731:*:*:*:*:*:*:*",
"matchCriteriaId": "035EDBAC-C29B-49DB-ACEE-CA64750E7290"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_740:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD1A272-9FD0-426F-AF7D-5A8D7CF4A4BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_750:*:*:*:*:*:*:*",
"matchCriteriaId": "05BE37AE-1CC3-4A84-BC9A-B353747B9151"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_751:*:*:*:*:*:*:*",
"matchCriteriaId": "78B1673C-7EF7-4658-91EE-A5BFFDD068B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_752:*:*:*:*:*:*:*",
"matchCriteriaId": "1A69E6E2-46AD-4973-8F39-500D34D50570"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_753:*:*:*:*:*:*:*",
"matchCriteriaId": "15141B2A-8186-454F-BC4D-6BF07420C899"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_754:*:*:*:*:*:*:*",
"matchCriteriaId": "50137ED8-017E-4D0C-ADB4-8FD227301371"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_755:*:*:*:*:*:*:*",
"matchCriteriaId": "021DE052-25C3-49DF-B2AD-BF9D28B1CAD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_756:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAA63CF-0FD5-4568-A88C-82AD97A14EFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_757:*:*:*:*:*:*:*",
"matchCriteriaId": "17767460-94A3-443D-8D60-3607D3A894D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_758:*:*:*:*:*:*:*",
"matchCriteriaId": "63B654DB-8E10-422A-94B5-42F9D4EAB10F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:sap_basis_912:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC51692-5E94-4678-99B0-4EC1D633DDF8"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3494349",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2024/CVE-2024-417xx/CVE-2024-41735.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41735",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:09.323",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:53:32.993",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,37 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3483256",
"source": "cna@sap.com"
},
"nodes": [
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:commerce_backoffice:hy_com_2205:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC3D015-A14B-416E-9E67-81B59E581ACC"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3483256",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-417xx/CVE-2024-41736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41736",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:09.607",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:51:42.727",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -41,8 +61,18 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -51,14 +81,42 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3475427",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:permit_to_work:uis4hop1_800:*:*:*:*:*:*:*",
"matchCriteriaId": "C89623C8-C8AC-47B1-8EB5-CAAFBD64FAE3"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:permit_to_work:uis4hop1_900:*:*:*:*:*:*:*",
"matchCriteriaId": "40CB5F2B-8B3E-4266-AB66-7680174E69F5"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3475427",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2024/CVE-2024-417xx/CVE-2024-41737.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-41737",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:10.003",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:49:41.953",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,62 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3487537",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_700:*:*:*:*:*:*:*",
"matchCriteriaId": "56146502-6778-454C-A517-01ED658B57D3"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_701:*:*:*:*:*:*:*",
"matchCriteriaId": "6B715AC7-4B63-4EF0-A365-0AF70C353A13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_702:*:*:*:*:*:*:*",
"matchCriteriaId": "6563AFD1-DD7A-45FE-92B2-E658B51F2BAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_712:*:*:*:*:*:*:*",
"matchCriteriaId": "1F64314D-14EB-4CAE-8E23-17C32DB5B2C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_713:*:*:*:*:*:*:*",
"matchCriteriaId": "46B2C8CC-A497-4E96-B052-54FB241FB29A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:crm_abap_insights_management:bbpcrm_714:*:*:*:*:*:*:*",
"matchCriteriaId": "6B40DA99-17DA-4DB1-9ACB-5C9E91FCF54E"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3487537",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-422xx/CVE-2024-42246.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42246",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-07T16:15:47.297",
"lastModified": "2024-08-08T14:52:35.353",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:48.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -85,6 +85,14 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/02ee1976edb21a96ce8e3fd4ef563f14cc16d041",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/5d8254e012996cee1a0f9cc920531cb7e4d9a011",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/626dfed5fa3bfb41e0dffd796032b555b69f9cde",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -92,6 +100,14 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/934247ea65bc5eca8bdb7f8c0ddc15cef992a5d6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/bc790261218952635f846aaf90bcc0974f6f62c6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d6c686c01c5f12ff8f7264e0ddf71df6cb0d4414",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

97
CVE-2024/CVE-2024-423xx/CVE-2024-42373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42373",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T05:15:13.800",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:26:37.753",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,77 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3479293",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:617:*:*:*:*:*:*:*",
"matchCriteriaId": "49D1564B-9F48-442C-B521-B79A982B6010"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:618:*:*:*:*:*:*:*",
"matchCriteriaId": "9630E381-1579-4D71-B49D-1079A31E3A63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:802:*:*:*:*:*:*:*",
"matchCriteriaId": "B60BA131-5DA5-409F-806A-641A7BBB9D33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:803:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE9F776-1B68-4ABA-850E-44DB58C2F616"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:804:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4A7443-E21B-4EAE-A4EC-E3B9A8908FBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:805:*:*:*:*:*:*:*",
"matchCriteriaId": "6025F055-0E0E-41A3-BE2D-95229710FB1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:806:*:*:*:*:*:*:*",
"matchCriteriaId": "8C49CAC0-C207-4BC6-AE05-65645B54011C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:807:*:*:*:*:*:*:*",
"matchCriteriaId": "463C241E-928C-4FE8-993D-F09E6F4EEC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:student_life_cycle_management:808:*:*:*:*:*:*:*",
"matchCriteriaId": "F34FAC4C-4E0A-4E80-8276-E7DA12EC5BF3"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3479293",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-423xx/CVE-2024-42375.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42375",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:10.567",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:46:39.527",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -40,6 +60,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +81,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3433545",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:420:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7F8064-45BC-4A01-897A-0A2893BBBEC0"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:430:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB0EFA3-8AD2-42F2-86E1-A62ECF8340E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_objects_business_intelligence_platform:440:*:*:*:*:*:*:*",
"matchCriteriaId": "AD397634-7D49-454E-9854-0A8212008655"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3433545",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-423xx/CVE-2024-42376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42376",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:10.837",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:43:27.507",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,57 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3474590",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC1EAA0-7B20-4B4C-9F7D-8F7832D91BCE"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE56A04-ADDE-4A27-87CA-C801DFA5CD80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:*",
"matchCriteriaId": "36822481-BB89-421A-99D5-33854E6080B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA0ED8A-F75D-49DF-BD37-CD3273E2F8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:*",
"matchCriteriaId": "6852223A-C675-4F29-92E4-90092DBDF11E"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3474590",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2024/CVE-2024-423xx/CVE-2024-42377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42377",
"sourceIdentifier": "cna@sap.com",
"published": "2024-08-13T04:15:11.290",
"lastModified": "2024-08-13T12:58:25.437",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-09-12T13:42:11.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -51,14 +71,57 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://me.sap.com/notes/3474590",
"source": "cna@sap.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_702:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC1EAA0-7B20-4B4C-9F7D-8F7832D91BCE"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_731:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE56A04-ADDE-4A27-87CA-C801DFA5CD80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_746:*:*:*:*:*:*:*",
"matchCriteriaId": "36822481-BB89-421A-99D5-33854E6080B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_747:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA0ED8A-F75D-49DF-BD37-CD3273E2F8E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:shared_service_framework:sap_bs_fnd_748:*:*:*:*:*:*:*",
"matchCriteriaId": "6852223A-C675-4F29-92E4-90092DBDF11E"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3474590",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2024/CVE-2024-427xx/CVE-2024-42760.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-42760",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T19:15:14.983",
"lastModified": "2024-09-11T19:15:14.983",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive information via the /api/mob/instrucao/conta/destinatarios component."
},
{
"lang": "es",
"value": "La vulnerabilidad de inyecci\u00f3n SQL en Ellevo v.6.2.0.38160 permite a un atacante remoto obtener informaci\u00f3n confidencial a trav\u00e9s del componente /api/mob/instrucao/conta/destinatarios."
}
],
"metrics": {},

18
CVE-2024/CVE-2024-438xx/CVE-2024-43835.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-43835",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-17T10:15:09.183",
"lastModified": "2024-09-08T08:15:12.870",
"lastModified": "2024-09-12T12:15:48.653",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -17,6 +17,10 @@
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/stable/c/19ac6f29bf64304ef04630c8ab56ecd2059d7aa1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/468a729b78895893d0e580ceea49bed8ada2a2bd",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
@ -25,6 +29,18 @@
"url": "https://git.kernel.org/stable/c/6b5325f2457521bbece29499970c0117a648c620",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/842a97b5e44f0c8a9fc356fe976e0e13ddcf7783",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cc7340f18e45886121c131227985d64ef666012f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/d3af435e8ace119e58d8e21d3d2d6a4e7c4a4baa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f5e9a22d19bb98a7e86034db85eb295e94187caa",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

16
CVE-2024/CVE-2024-438xx/CVE-2024-43854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43854",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-17T10:15:10.447",
"lastModified": "2024-08-22T18:12:28.620",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:49.423",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -92,6 +92,10 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/129f95948a96105c1fad8e612c9097763e88ac5f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/23a19655fb56f241e592041156dfb1c6d04da644",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -99,6 +103,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/3fd11fe4f20756b4c0847f755a64cd96f8c6a005",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/899ee2c3829c5ac14bfc7d3c4a5846c0b709b78f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
@ -106,6 +114,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/9f4af4cf08f9a0329ade3d938f55d2220c40d0a6",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/cf6b45ea7a8df0f61bded1dc4a8561ac6ad143d2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

16
CVE-2024/CVE-2024-438xx/CVE-2024-43892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43892",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-26T11:15:04.157",
"lastModified": "2024-09-05T18:41:38.723",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:49.593",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -102,12 +102,24 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/56fd70f4aa8b82199dbe7e99366b1fd7a04d86fb",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/912736a0435ef40e6a4ae78197ccb5553cb80b05",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/9972605a238339b85bd16b084eed5f18414d22db",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/e6cc9ff2ac0b5df9f25eb790934c3104f6710278",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

8
CVE-2024/CVE-2024-438xx/CVE-2024-43897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43897",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-26T11:15:04.437",
"lastModified": "2024-09-05T18:36:30.347",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:50.297",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -97,6 +97,10 @@
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/413e785a89f8bde0d4156a54b8ac2fa003c06756",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/6772c4868a8e7ad5305957cdb834ce881793acb7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

12
CVE-2024/CVE-2024-439xx/CVE-2024-43905.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-43905",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-26T11:15:04.897",
"lastModified": "2024-08-27T13:41:03.730",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-12T12:15:51.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -84,6 +84,14 @@
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/0fa11f9df96217c2785b040629ff1a16900fb51c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2ac9deb7e087f0b461c3559d9eaa6b9cf19d3fa8",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/2e538944996d0dd497faf8ee81f8bfcd3aca7d80",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",

8
CVE-2024/CVE-2024-445xx/CVE-2024-44541.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44541",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T19:15:15.070",
"lastModified": "2024-09-11T21:35:09.840",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the \"username\" parameter in \"/?action=processlogin.\""
},
{
"lang": "es",
"value": "Las versiones v4 y anteriores de evilnapsis Inventio Lite son vulnerables a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro \"nombre de usuario\" en \"/?action=processlogin\"."
}
],
"metrics": {

8
CVE-2024/CVE-2024-445xx/CVE-2024-44570.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44570",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.580",
"lastModified": "2024-09-11T21:35:10.697",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que RELY-PCIe v22.2.1 a v23.1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n de c\u00f3digo a trav\u00e9s de la funci\u00f3n getParams en phpinf.php."
}
],
"metrics": {

8
CVE-2024/CVE-2024-445xx/CVE-2024-44571.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44571",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.630",
"lastModified": "2024-09-11T21:35:11.500",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que RELY-PCIe v22.2.1 a v23.1.0 conten\u00eda un control de acceso incorrecto en la funci\u00f3n mService en phpinf.php."
}
],
"metrics": {

8
CVE-2024/CVE-2024-445xx/CVE-2024-44572.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44572",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.677",
"lastModified": "2024-09-11T21:35:12.387",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que RELY-PCIe v22.2.1 a v23.1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n sys_mgmt."
}
],
"metrics": {

8
CVE-2024/CVE-2024-445xx/CVE-2024-44573.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44573",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.727",
"lastModified": "2024-09-11T17:15:13.727",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cross site scripting (XSS) almacenado en la configuraci\u00f3n de VLAN de RELY-PCIe v22.2.1 a v23.1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado espec\u00edficamente."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-445xx/CVE-2024-44574.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44574",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.770",
"lastModified": "2024-09-11T20:35:12.833",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que RELY-PCIe v22.2.1 a v23.1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n sys_conf."
}
],
"metrics": {

8
CVE-2024/CVE-2024-445xx/CVE-2024-44575.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44575",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.820",
"lastModified": "2024-09-11T17:15:13.820",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session."
},
{
"lang": "es",
"value": "RELY-PCIe v22.2.1 a v23.1.0 no establece el atributo Seguro para cookies confidenciales en sesiones HTTPS, lo que podr\u00eda provocar que el agente de usuario env\u00ede esas cookies en texto plano a trav\u00e9s de una sesi\u00f3n HTTP."
}
],
"metrics": {},

8
CVE-2024/CVE-2024-445xx/CVE-2024-44577.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-44577",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-11T17:15:13.870",
"lastModified": "2024-09-11T20:35:13.697",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que RELY-PCIe v22.2.1 a v23.1.0 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s de la funci\u00f3n time_date."
}
],
"metrics": {

10
CVE-2024/CVE-2024-449xx/CVE-2024-44974.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-44974",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-04T20:15:07.100",
"lastModified": "2024-09-08T08:15:13.053",
"lastModified": "2024-09-12T12:15:51.397",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -122,6 +122,14 @@
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/ddee5b4b6a1cc03c1e9921cf34382e094c2009f1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/f2c865e9e3ca44fc06b5f73b29a954775e4dbb38",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

12
CVE-2024/CVE-2024-450xx/CVE-2024-45009.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45009",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-09-11T16:15:06.427",
"lastModified": "2024-09-11T16:26:11.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-09-12T12:15:52.183",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk->pm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a 'subflow' endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That's not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: pm: solo decrementar add_addr_accepted para solicitud MPJ Agregar la siguiente advertencia ... WARN_ON_ONCE(msk->pm.add_addr_accepted == 0) ... antes de decrementar el contador add_addr_accepted ayud\u00f3 a encontrar un error al ejecutar la subprueba \"eliminar un solo subflujo\" de la autoprueba mptcp_join.sh. Eliminar un endpoint de 'subflujo' primero activar\u00e1 un RM_ADDR, luego el cierre del subflujo. Antes de este parche, y tras la recepci\u00f3n del RM_ADDR, el otro par intentar\u00e1 decrementar este add_addr_accepted. Eso no es correcto porque los subflujos adjuntos no se han creado tras la recepci\u00f3n de un ADD_ADDR. Una forma de resolver esto es disminuir el contador solo si el subflujo adjunto fue un MP_JOIN a una identificaci\u00f3n remota que no era 0, e iniciado por el host que recibi\u00f3 el RM_ADDR."
}
],
"metrics": {},
@ -21,6 +25,10 @@
"url": "https://git.kernel.org/stable/c/2060f1efab370b496c4903b840844ecaff324c3c",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/35b31f5549ede4070566b949781e83495906b43d",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
},
{
"url": "https://git.kernel.org/stable/c/85b866e4c4e63a1d7afb58f1e24273caad03d0b7",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"

8
CVE-2024/CVE-2024-456xx/CVE-2024-45624.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-45624",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-09-12T05:15:05.053",
"lastModified": "2024-09-12T05:15:05.053",
"vulnStatus": "Received",
"lastModified": "2024-09-12T12:35:54.013",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a database user accesses a query cache, table data unauthorized for the user may be retrieved."
},
{
"lang": "es",
"value": "Existe un problema de exposici\u00f3n de informaci\u00f3n confidencial debido a pol\u00edticas incompatibles en Pgpool-II. Si un usuario de la base de datos accede a un cach\u00e9 de consultas, es posible que se recuperen datos de tablas no autorizados para el usuario."
}
],
"metrics": {},

56
CVE-2024/CVE-2024-458xx/CVE-2024-45846.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45846",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:12.920",
"lastModified": "2024-09-12T13:15:12.920",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted \u2018SELECT WHERE\u2019 clause containing Python code is run against a database created with the Weaviate engine, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45847.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45847",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.177",
"lastModified": "2024-09-12T13:15:13.177",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted \u2018UPDATE\u2019 query containing Python code is run against a database created with the specified integration engine, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45848.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45848",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.437",
"lastModified": "2024-09-12T13:15:13.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted \u2018INSERT\u2019 query containing Python code is run against a database created with the ChromaDB engine, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45849.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45849",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.700",
"lastModified": "2024-09-12T13:15:13.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45850.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45850",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:13.933",
"lastModified": "2024-09-12T13:15:13.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for site column creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45851.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45851",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.170",
"lastModified": "2024-09-12T13:15:14.170",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an \u2018INSERT\u2019 query can be used for list item creation. If such a query is specially crafted to contain Python code and is run against the database, the code will be passed to an eval function and executed on the server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

56
CVE-2024/CVE-2024-458xx/CVE-2024-45852.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-45852",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-09-12T13:15:14.403",
"lastModified": "2024-09-12T13:15:14.403",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded model to run arbitrary code on the server when interacted with."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://hiddenlayer.com/sai-security-advisory/2024-09-mindsdb/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
}
]
}

Some files were not shown because too many files have changed in this diff Show More