CVE-2022-34918 : LINUX KERNEL UP TO 5.18.9 USER NAMESPACE NF_TABLES_API.C NFT_SET_ELEM_INIT TYPE CONFUSION

Description

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

References

https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6

https://lore.kernel.org/netfilter-devel/cd9428b6-7ffb-dd22-d949-d86f4869f452@randorisec.fr/T/#u

https://www.openwall.com/lists/oss-security/2022/07/02/3

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-37397 : YUGABYTEDB 2.6.1 LDAP AUTHENTICATION CONFIG

CVE-2022-37397 : YUGABYTEDB 2.6.1 LDAP AUTHENTICATION CONFIG

Description An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

Description Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

CVE-2022-2756 : KAREADITA KAVITA UP TO 0.5.4.0 SERVER-SIDE REQUEST FORGERY

Description Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. References https://huntr.dev/bounties/95e7c181-9d80-4428-aebf-687ac55a9216 https://github.com/kareadita/kavita/commit/9c31f7e7c81b919923cb2e3857439ec0d16243e4 For More Information MITRE