Chiencc / asuswrt-gt-ac5300


asuswrt-merlin380.70: 35 vulnerabilities (highest severity is: 8.1) #71

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (5)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/isdn/mISDN/l1oip.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/isdn/mISDN/l1oip.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/isdn/mISDN/l1oip.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/isdn/mISDN/l1oip_core.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/isdn/mISDN/l1oip_core.c

Vulnerabilities

| CVE | Severity | CVSS | Dependency | Type | Fixed in (asuswrt-merlin380.70 version) | Remediation Possible** |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2022-32745 | High | 8.1 | asuswrt-merlin380.70 | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2022-3565 | High | 7.8 | detected in multiple dependencies | Direct | v4.9.331,v4.14.296,v4.19.262,v5.4.220,v5.10.150,v5.15.75,v6.0.3 | |
| CVE-2018-9516 | High | 7.8 | asuswrt-merlin380.70 | Direct | v4.18-rc5 | |
| CVE-2017-2619 | High | 7.5 | asuswrt-merlin380.70 | Direct | 4.4.12,4.5.7,4.6.1 | |
| CVE-2022-32743 | High | 7.5 | asuswrt-merlin380.70 | Direct | N/A | |
| CVE-2020-25720 | High | 7.5 | asuswrt-merlin380.70 | Direct | ldb-2.7.0, tevent-0.14.0, samba-4.18.0, talloc-2.4.0, tdb-1.4.8 | |
| CVE-2020-10704 | High | 7.5 | asuswrt-merlin380.70 | Direct | 2020.2 | |
| CVE-2022-45142 | High | 7.5 | asuswrt-merlin380.70 | Direct | N/A | |
| CVE-2013-2890 | High | 7.4 | asuswrt-merlin380.70 | Direct | v3.12-rc2 | |
| CVE-2014-3181 | High | 7.4 | asuswrt-merlin380.70 | Direct | v3.17-rc3 | |
| CVE-2016-2113 | High | 7.4 | asuswrt-merlin380.70 | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2019-12098 | High | 7.4 | detected in multiple dependencies | Direct | 7.6.0 | |
| CVE-2014-3215 | High | 7.4 | asuswrt-merlin380.70 | Direct | kernel-doc - 2.6.32-504.16.2;kernel-abi-whitelists - 2.6.32-504.16.2;perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debug-devel - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-devel - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-python - 0.7.5-4,0.7.5-4;libcap-ng - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;kernel-debug-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-utils - 0.7.5-4,0.7.5-4;kernel-debug - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-devel - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-firmware - 2.6.32-504.16.2;kernel - 2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-debuginfo - 0.7.5-4,0.7.5-4;python-perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-i686 - 2.6.32-504.16.2;python-perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-headers - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-x86_64 - 2.6.32-504.16.2 | |
| CVE-2022-37967 | High | 7.2 | asuswrt-merlin380.70 | Direct | samba-4.17.4 | |
| CVE-2017-7533 | High | 7.0 | asuswrt-merlin380.70 | Direct | kernel-headers - 3.10.0-327.61.3;kernel-rt-trace-devel - 3.10.0-693.2.1.rt56.620;kernel-rt-debug-kvm - 3.10.0-693.2.1.rt56.620;kernel-bootwrapper - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;perf - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debuginfo - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debug-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-tools-libs - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;perf-debuginfo - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel-debug-debuginfo - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-debug - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel - 3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug-devel - 3.10.0-693.2.1.rt56.620;python-perf - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug - 3.10.0-693.2.1.rt56.620;kernel-rt-devel - 3.10.0-693.2.1.rt56.620;kernel-tools - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-trace-kvm - 3.10.0-693.2.1.rt56.620;kernel-tools-libs-devel - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-tools-debuginfo - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-kvm - 3.10.0-693.2.1.rt56.620;python-perf-debuginfo - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-headers - 3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-rt-trace - 3.10.0-693.2.1.rt56.620;kernel-debuginfo-common-x86_64 - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt - 3.10.0-693.2.1.rt56.620,3.10.0-693.2.1.rt56.620;kernel-doc - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-abi-whitelists - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2 | |
| CVE-2022-21499 | Medium | 6.7 | asuswrt-merlin380.70 | Direct | v5.4.197,v5.10.119,v5.15.42,v5.17.10,v5.18.1,v5.19-rc1 | |
| CVE-2020-0431 | Medium | 6.7 | asuswrt-merlin380.70 | Direct | v3.16.83,4.4.210,v4.9.210,v4.14.165,v4.19.96,v5.4.12 | |
| CVE-2017-7273 | Medium | 6.6 | asuswrt-merlin380.70 | Direct | 4.9.4 | |
| CVE-2021-3670 | Medium | 6.5 | detected in multiple dependencies | Direct | samba-4.14.11,samba-4.15.3 | |
| CVE-2016-2111 | Medium | 6.3 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2110 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2112 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2016-2114 | Medium | 5.9 | asuswrt-merlin380.70 | Direct | 4.4.2,4.3.8,4.2.11 | |
| CVE-2016-2115 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.11,4.3.8,4.4.2 | |
| CVE-2019-19462 | Medium | 5.5 | asuswrt-merlin380.70 | Direct | v5.8-rc1 | |
| CVE-2022-32746 | Medium | 5.4 | asuswrt-merlin380.70 | Direct | samba-4.14.14,samba-4.15.9,samba-4.16.4 | |
| CVE-2011-4131 | Medium | 5.3 | detected in multiple dependencies | Direct | v3.3-rc1,v3.2.2 | |
| CVE-2013-4124 | Medium | 5.3 | asuswrt-merlin380.70 | Direct | 3.5.22,3.6.17,4.0.8 | |
| CVE-2013-2896 | Medium | 5.1 | asuswrt-merlin380.70 | Direct | v3.12-rc1 | |
| CVE-2014-3184 | Medium | 5.1 | detected in multiple dependencies | Direct | 3.16.2 | |
| CVE-2013-2892 | Medium | 5.1 | asuswrt-merlin380.70 | Direct | v3.12-rc1 | |
| CVE-2013-2893 | Medium | 5.1 | detected in multiple dependencies | Direct | v3.12-rc2 | |
| CVE-2013-2889 | Medium | 5.1 | asuswrt-merlin380.70 | Direct | v3.12-rc2 | |
| CVE-2022-41850 | Medium | 4.7 | asuswrt-merlin380.70 | Direct | v4.9.331,v4.14.296,v4.19.262,v5.4.220,v5.10.150,v5.15.75,v6.0.3 | |
| CVE-2020-12652 | Medium | 4.1 | asuswrt-merlin380.70 | Direct | 5.4.14 | |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (22 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2022-32745

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

- /release/src/router/samba-3.5.8/source4/dsdb/samdb/ldb_modules/samldb.c
- /release/src/router/samba-3.5.8/source4/dsdb/samdb/ldb_modules/samldb.c

### Vulnerability Details

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.

Publish Date: 2022-08-25

URL: CVE-2022-32745

### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://www.samba.org/samba/security/CVE-2022-32745.html

Release Date: 2022-06-10

Fix Resolution: samba-4.14.14,samba-4.15.9,samba-4.16.4

CVE-2022-3565

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088.

Publish Date: 2022-10-17

URL: CVE-2022-3565

### CVSS 3 Score Details (7.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2022-3565

Release Date: 2022-10-17

Fix Resolution: v4.9.331,v4.14.296,v4.19.262,v5.4.220,v5.10.150,v5.15.75,v6.0.3

CVE-2018-9516

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-debug.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-debug.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-debug.c

### Vulnerability Details

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.

Publish Date: 2018-11-06

URL: CVE-2018-9516

### CVSS 3 Score Details (7.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://source.android.com/security/bulletin/pixel/2018-09-01

Release Date: 2018-11-06

Fix Resolution: v4.18-rc5

CVE-2017-2619

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

- /release/src/router/samba-3.5.8/source4/torture/smb2/dir.c
- /release/src/router/samba-3.5.8/source4/torture/smb2/dir.c

### Vulnerability Details

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.

Publish Date: 2018-03-12

URL: CVE-2017-2619

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/7049

Release Date: 2018-03-12

Fix Resolution: 4.4.12,4.5.7,4.6.1

CVE-2022-32743

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.

Publish Date: 2022-09-01

URL: CVE-2022-32743

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

CVE-2020-25720

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

In Samba, a user with sufficient privileges to create a computer account, such as a user granted CreateChild permissions for computer objects, may potentially set arbitrary values on security-sensitive attributes of specific objects stored in Active Directory (AD).

Publish Date: 2020-09-17

URL: CVE-2020-25720

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://security-tracker.debian.org/tracker/CVE-2020-25720

Release Date: 2020-09-17

Fix Resolution: ldb-2.7.0, tevent-0.14.0, samba-4.18.0, talloc-2.4.0, tdb-1.4.8

CVE-2020-10704

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

- /release/src/router/samba-3.5.8/source4/libcli/ldap/ldap_client.c
- /release/src/router/samba-3.5.8/source4/libcli/ldap/ldap_client.c

### Vulnerability Details

A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.

Publish Date: 2020-05-06

URL: CVE-2020-10704

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12704

Release Date: 2020-05-06

Fix Resolution: 2020.2

CVE-2022-45142

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.

Publish Date: 2023-03-06

URL: CVE-2022-45142

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

CVE-2013-2890

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-sony.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-sony.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-sony.c

### Vulnerability Details

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

Publish Date: 2013-09-16

URL: CVE-2013-2890

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2890

Release Date: 2013-09-16

Fix Resolution: v3.12-rc2

CVE-2014-3181

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-magicmouse.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-magicmouse.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-magicmouse.c

### Vulnerability Details

Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event.

Publish Date: 2014-09-28

URL: CVE-2014-3181

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3181

Release Date: 2014-09-28

Fix Resolution: v3.17-rc3

CVE-2016-2113

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

- /release/src/router/samba-3.5.8/source4/libcli/ldap/ldap_client.c
- /release/src/router/samba-3.5.8/source4/libcli/ldap/ldap_client.c

### Vulnerability Details

Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certificate.

Publish Date: 2016-04-25

URL: CVE-2016-2113

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2019-12098

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.

Publish Date: 2019-05-15

URL: CVE-2019-12098

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://gitlab.alpinelinux.org/alpine/aports/issues/10551

Release Date: 2019-05-15

Fix Resolution: 7.6.0

CVE-2014-3215

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h

### Vulnerability Details

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.

Publish Date: 2014-05-08

URL: CVE-2014-3215

### CVSS 3 Score Details (7.4)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-3215

Release Date: 2014-05-08

Fix Resolution: kernel-doc - 2.6.32-504.16.2;kernel-abi-whitelists - 2.6.32-504.16.2;perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debug-devel - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-devel - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-python - 0.7.5-4,0.7.5-4;libcap-ng - 0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4,0.7.5-4;kernel-debug-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-utils - 0.7.5-4,0.7.5-4;kernel-debug - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-devel - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-firmware - 2.6.32-504.16.2;kernel - 2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2,2.6.32-504.16.2;libcap-ng-debuginfo - 0.7.5-4,0.7.5-4;python-perf - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-i686 - 2.6.32-504.16.2;python-perf-debuginfo - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-headers - 2.6.32-504.16.2,2.6.32-504.16.2;kernel-debuginfo-common-x86_64 - 2.6.32-504.16.2

CVE-2022-37967

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

- /release/src/router/samba-3.5.8/source4/torture/rpc/remote_pac.c
- /release/src/router/samba-3.5.8/source4/torture/rpc/remote_pac.c

### Vulnerability Details

Windows Kerberos Elevation of Privilege Vulnerability

Publish Date: 2022-11-09

URL: CVE-2022-37967

### CVSS 3 Score Details (7.2)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: High
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2022-11-09

Fix Resolution: samba-4.17.4

CVE-2017-7533

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/fsnotify.h

### Vulnerability Details

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.

Publish Date: 2017-08-05

URL: CVE-2017-7533

### CVSS 3 Score Details (7.0)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7533

Release Date: 2017-08-05

Fix Resolution: kernel-headers - 3.10.0-327.61.3;kernel-rt-trace-devel - 3.10.0-693.2.1.rt56.620;kernel-rt-debug-kvm - 3.10.0-693.2.1.rt56.620;kernel-bootwrapper - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;perf - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debuginfo - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-debug-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2;kernel-tools-libs - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;perf-debuginfo - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel-debug-debuginfo - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-debug - 3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-devel - 3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1;kernel - 3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug-devel - 3.10.0-693.2.1.rt56.620;python-perf - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt-debug - 3.10.0-693.2.1.rt56.620;kernel-rt-devel - 3.10.0-693.2.1.rt56.620;kernel-tools - 3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-trace-kvm - 3.10.0-693.2.1.rt56.620;kernel-tools-libs-devel - 
3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-327.61.3,3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2;kernel-tools-debuginfo - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-rt-kvm - 3.10.0-693.2.1.rt56.620;python-perf-debuginfo - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-headers - 3.10.0-693.1.1,3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-327.61.3,3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-514.32.2;kernel-rt-trace - 3.10.0-693.2.1.rt56.620;kernel-debuginfo-common-x86_64 - 3.10.0-693.1.1,3.10.0-514.32.2,3.10.0-327.61.3;kernel-rt - 3.10.0-693.2.1.rt56.620,3.10.0-693.2.1.rt56.620;kernel-doc - 3.10.0-514.32.2,3.10.0-693.1.1,3.10.0-327.61.3;kernel-abi-whitelists - 3.10.0-693.1.1,3.10.0-327.61.3,3.10.0-514.32.2

CVE-2022-21499

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/include/linux/security.h

### Vulnerability Details

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Publish Date: 2022-06-09

URL: CVE-2022-21499

### CVSS 3 Score Details (6.7)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: High
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2022-21499

Release Date: 2022-06-09

Fix Resolution: v5.4.197,v5.10.119,v5.15.42,v5.17.10,v5.18.1,v5.19-rc1

CVE-2020-0431

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-input.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-input.c
- /release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-input.c

### Vulnerability Details

In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-144161459

Publish Date: 2020-09-17

URL: CVE-2020-0431

### CVSS 3 Score Details (6.7)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: High
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2020-0431

Release Date: 2020-09-17

Fix Resolution: v3.16.83,4.4.210,v4.9.210,v4.14.165,v4.19.96,v5.4.12

CVE-2017-7273

### Vulnerable Library - asuswrt-merlin380.70

Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)

Library home page: https://github.com/RMerl/asuswrt-merlin.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src-rt-7.14.114.x/src/linux/linux-2.6.36/drivers/hid/hid-cypress.c

### Vulnerability Details

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.

Publish Date: 2017-03-27

URL: CVE-2017-7273

### CVSS 3 Score Details (6.6)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Physical
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7273

Release Date: 2017-03-27

Fix Resolution: 4.9.4

CVE-2021-3670

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

MaxQueryDuration not honoured in Samba AD DC LDAP

Publish Date: 2022-08-23

URL: CVE-2021-3670

### CVSS 3 Score Details (6.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

### Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.samba.org/show_bug.cgi?id=14694

Release Date: 2021-07-30

Fix Resolution: samba-4.14.11,samba-4.15.3

CVE-2016-2111

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, a related issue to CVE-2015-0005.

Publish Date: 2016-04-25

URL: CVE-2016-2111

### CVSS 3 Score Details (6.3)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2016-2110

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as demonstrated by clearing the NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN option to disrupt LDAP security.

Publish Date: 2016-04-25

URL: CVE-2016-2110

### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://bugs.alpinelinux.org//issues/5494

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

CVE-2016-2112

### Vulnerable Libraries - asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70, asuswrt-merlin380.70

### Vulnerability Details

The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying the client-server data stream.

Publish Date: 2016-04-25

URL: CVE-2016-2112

### CVSS 3 Score Details (5.9)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: High
  - Availability Impact: None

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115

Release Date: 2016-04-25

Fix Resolution: 4.2.11,4.3.8,4.4.2

mend-for-github-com[bot] commented 11 months ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.

mend-for-github-com[bot] commented 11 months ago

:information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
