PT-2022-36134 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: A potential security issue exists due to inconsistent minimal MTU enforcement in macvlan. The actual impact and attack plausibility have not yet been proven. It was introduced in version...

virt-v2v security, bug fix, and enhancement update

2.0.7-6.0.1 - Replaced bugzilla.oracle.com references Orabug: 34202300 - replaced upstream references Orabug:34089586 1:2.0.7-6 - Install qemu-ga package during conversion resolves: rhbz2028764 1:2.0.7-5 - Remove LVM2 devices file during conversion resolves: rhbz2112801 - Add support for Zstandar...

kernel: tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpmtupprobesuccess vs wrong sndcwnd syzbot got a new report 1 finally pointing to a very old bug, added in initial support for MTU probing. tcpmtuprobe has checks about starting an MTU probe if tcpsndcwndtp = 11. But...

GO-2022-1098 Denial of service in message decoding in github.com/btcsuite/btcd

Erroneous message decoding can cause denial of service. Improper checking of maximum witness size during node message decoding prevented nodes in Lightning Labs lnd before 0.15.2-beta to sync...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

Filling all auction slots to win the auction

Lines of code Vulnerability details Vulnerability details Description The number of bids for one auction is limited to 1000. It means that someone may make all 1000 bids and thus invalidate all other bids. Therefore, a malicious user can win the auction with the minimum possible bid. It may seem...

PT-2022-28261 · Ckb · Ckb

Name of the Vulnerable Software and Affected Versions: ckb version 0.101.2 Description: The issue arises when the max cycles is insufficient, causing ScriptError::ExceededMaximumCycles to be raised directly instead of suspending as expected. This occurs randomly due to the random execution order ...

UBUNTU-CVE-2022-42314

Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...

Xenstore: Guests can crash xenstored

ISSUE DESCRIPTION Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the...

PT-2022-7331 · Xen +1 · Xenstore +1

Name of the Vulnerable Software and Affected Versions: Xenstore affected versions not specified Description: The issue is related to uncontrolled resource allocation in the Xenstore storage of the Xen hypervisor. Exploitation can lead to a denial of service DoS of xenstored. Malicious guests can...

PT-2022-7321 · Xenstore +1 · Xenstore +1

Name of the Vulnerable Software and Affected Versions: Xenstore affected versions not specified Description: The issue is related to the uncontrolled allocation of resources in Xenstore, which can lead to a Denial of Service DoS of xenstored. Malicious guests can cause xenstored to allocate large...

Arbitrary user can prevent withdrawals on any users through liquidation

Lines of code Vulnerability details Impact The function liquidate is a public function that handles the repayment of debt and provides a reward for users who call this function. Any user can be liquidated if they have debt outstanding. A user incurs debt if they borrow from the market, based on a...

DEBIAN-CVE-2022-3616

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...

UBUNTU-CVE-2022-3616

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...

CVE-2022-3616 OctoRPKI crash when maximum iterations number is reached

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...

PT-2022-23238 · Octorpki +1 · Octorpki +1

Name of the Vulnerable Software and Affected Versions: OctoRPKI versions prior to 1.4.4 Description: Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter, causing the program to crash and preventing it from finishing the validation, resulting ...

expat: Integer overflow in storeRawNames()

An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution...

The requestRandomSeed() function can be manipulated

Lines of code Vulnerability details Impact The task of the requestRandomSeed function works in ArtGobblers.sol for Request a new random seed from ChainlinkV1. There is a working rule: Can only be called every 24 hours at the earliest To make the requestRandomSeed function run every 24 hours; The...

PT-2022-7366 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible overflow in the amu fie setup function. The cpufreq get hw max freq function returns the maximum frequency in kHz as an unsigned int, while the freq...

Attacker can force AuctionCrowdfunds to bid their entire contribution up to maxBid

Lines of code Vulnerability details Description AuctionCrowdfund's bid allows any user to compete on an auction on the party's behalf. The code in bid forbids placing a bid if party is already winning the auction: if market.getCurrentHighestBidderauctionId == addressthis revert...