Auto-Update: 2024-10-25T20:00:18.737714+00:00

CVE-2021/CVE-2021-331xx/CVE-2021-33145.json

@@ -2,7 +2,7 @@
   "id": "CVE-2021-33145",
   "sourceIdentifier": "[email protected]",
   "published": "2024-02-23T21:15:09.410",
-  "lastModified": "2024-07-03T01:36:45.387",
+  "lastModified": "2024-10-25T19:35:00.780",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
@@ -49,16 +49,6 @@
           "value": "CWE-248"
         }
       ]
-    },
-    {
-      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
-      "type": "Secondary",
-      "description": [
-        {
-          "lang": "en",
-          "value": "CWE-248"
-        }
-      ]
     }
   ],
   "references": [

CVE-2022/CVE-2022-303xx/CVE-2022-30355.json

@@ -2,7 +2,7 @@
   "id": "CVE-2022-30355",
   "sourceIdentifier": "[email protected]",
   "published": "2024-10-25T16:15:08.733",
-  "lastModified": "2024-10-25T16:15:08.733",
+  "lastModified": "2024-10-25T19:35:01.173",
   "vulnStatus": "Received",
   "cveTags": [],
   "descriptions": [
@@ -11,7 +11,42 @@
       "value": "OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-276"
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://cve.offsecguy.com/ovaledge/vulnerabilities/account-takeover#cve-2022-30355",

CVE-2022/CVE-2022-489xx/CVE-2022-48975.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-48975",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-10-21T20:15:09.597",
-  "lastModified": "2024-10-23T15:13:25.583",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2024-10-25T18:48:57.490",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -15,19 +15,129 @@
       "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpiolib: reparar p\u00e9rdida de memoria en gpiochip_setup_dev() Aqu\u00ed hay un informe de seguimiento sobre la p\u00e9rdida de memoria detectada en gpiochip_setup_dev(): objeto sin referencia 0xffff88810b406400 (tama\u00f1o 512): comm \"python3\", pid 1682, jiffies 4295346908 (edad 24.090s) seguimiento: kmalloc_trace device_add device_private_init en drivers/base/core.c:3361 (en l\u00ednea por) device_add en drivers/base/core.c:3411 cdev_device_add gpiolib_cdev_register gpiochip_setup_dev gpiochip_add_data_with_key gcdev_register() y gcdev_unregister() llamar\u00edan device_add() y device_del() (sin importar si CONFIG_GPIO_CDEV est\u00e1 habilitado o no) para registrar/anular el registro del dispositivo. Sin embargo, si device_add() tiene \u00e9xito, alg\u00fan recurso (como la estructura device_private asignada por device_private_init()) no es liberado por device_del(). Por lo tanto, despu\u00e9s de que device_add() tenga \u00e9xito por gcdev_register(), necesita llamar a put_device() para liberar el recurso en la ruta del controlador de error. Aqu\u00ed avanzamos el registro de la funci\u00f3n de liberaci\u00f3n y dejamos que libere cada pieza de recurso por put_device() en lugar de kfree(). Mientras lo hacemos, solucionamos otro problema sutil, es decir, cuando gc->ngpio es igual a 0, todav\u00eda llamamos a kcalloc() y, en caso de un error adicional, a kfree() en el puntero ZERO_PTR, que no es NULL. No es un error en s\u00ed, sino m\u00e1s bien un desperdicio de recursos y una expectativa potencialmente err\u00f3nea sobre el contenido de la variable gdev->descs."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-401"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "4.6",
+              "versionEndExcluding": "5.15.83",
+              "matchCriteriaId": "DF176C32-811C-421C-964D-E3513DD1789F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "5.16",
+              "versionEndExcluding": "6.0.13",
+              "matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
+              "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
+              "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
+              "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
+              "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
+              "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
+              "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
+              "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*",
+              "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://git.kernel.org/stable/c/371363716398ed718e389bea8c5e9843a79dde4e",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+      "tags": [
+        "Patch"
+      ]
     },
     {
       "url": "https://git.kernel.org/stable/c/6daaa84b621485fe28c401be18debf92ae8ef04a",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+      "tags": [
+        "Patch"
+      ]
     },
     {
       "url": "https://git.kernel.org/stable/c/ec851b23084b3a0af8bf0f5e51d33a8d678bdc49",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+      "tags": [
+        "Patch"
+      ]
     }
   ]
 }

CVE-2022/CVE-2022-489xx/CVE-2022-48976.json

@@ -2,8 +2,8 @@
   "id": "CVE-2022-48976",
   "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   "published": "2024-10-21T20:15:09.680",
-  "lastModified": "2024-10-23T15:13:25.583",
-  "vulnStatus": "Awaiting Analysis",
+  "lastModified": "2024-10-25T18:47:40.823",
+  "vulnStatus": "Analyzed",
   "cveTags": [],
   "descriptions": [
     {
@@ -15,15 +15,115 @@
       "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: flowtable_offload: correcci\u00f3n al usar __this_cpu_add en preemptible flow_offload_queue_work() se puede llamar en workqueue sin bh deshabilitado, como el seguimiento de llamadas que mostr\u00f3 en mi prueba act_ct, llamar a NF_FLOW_TABLE_STAT_INC() all\u00ed causar\u00eda un seguimiento de llamadas: ERROR: usar __this_cpu_add() en preemptible [00000000] c\u00f3digo: kworker/u4:0/138560 el llamador es flow_offload_queue_work+0xec/0x1b0 [nf_flow_table] Workqueue: act_ct_workqueue tcf_ct_flow_table_cleanup_work [act_ct] Seguimiento de llamadas:  dump_stack_lvl+0x33/0x46 check_preemption_disabled+0xc3/0xf0 Este parche lo corrige al usar NF_FLOW_TABLE_STAT_INC_ATOMIC() en lugar de flow_offload_queue_work(). Tenga en cuenta que para la rama FLOW_CLS_REPLACE en flow_offload_queue_work(), es posible que no se la llame en una ruta preemptible, pero es bueno usar NF_FLOW_TABLE_STAT_INC_ATOMIC() para todos los casos en flow_offload_queue_work()."
     }
   ],
-  "metrics": {},
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "[email protected]",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+          "attackVector": "LOCAL",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "NONE",
+          "availabilityImpact": "HIGH",
+          "baseScore": 5.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.8,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "[email protected]",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "NVD-CWE-noinfo"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
+              "versionStartIncluding": "5.15.157",
+              "versionEndExcluding": "6.0.13",
+              "matchCriteriaId": "3FC10E8F-D0FF-45C4-A8F5-7ABB6F91A19E"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*",
+              "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*",
+              "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
+              "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
+              "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
+              "matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*",
+              "matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc7:*:*:*:*:*:*",
+              "matchCriteriaId": "DE5298B3-04B4-4F3E-B186-01A58B5C75A6"
+            },
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc8:*:*:*:*:*:*",
+              "matchCriteriaId": "E9D7C49C-53E7-4B23-9AFE-DAC5A18B153A"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "url": "https://git.kernel.org/stable/c/a220a11fda012fba506b35929672374c2723ae6d",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+      "tags": [
+        "Patch"
+      ]
     },
     {
       "url": "https://git.kernel.org/stable/c/a81047154e7ce4eb8769d5d21adcbc9693542a79",
-      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
+      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
+      "tags": [
+        "Patch"
+      ]
     }
   ]
 }