The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2020-27823 | A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | MEDIUM | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-27824 | A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. | MEDIUM | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-27843 | A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability. | HIGH | Jan 8, 2021 | 10.19.45.15 (Wind River Linux LTS 19) |
| CVE-2023-5366 | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | -- | Oct 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-4233 | A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. | -- | Apr 18, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-4234 | A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_submit_report(). | -- | Apr 18, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2021-20305 | A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. | HIGH | Apr 5, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-25668 | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | MEDIUM | Nov 12, 2020 | 10.19.45.15 (Wind River Linux LTS 19) |
| CVE-2022-4883 | A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable. | -- | Jan 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2022-44617 | A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. | -- | Jan 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2022-46285 | A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library. | -- | Jan 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2021-3541 | A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. | MEDIUM | May 14, 2021 | 10.19.45.18 (Wind River Linux LTS 19) |
| CVE-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs\' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. | LOW | Jul 2, 2021 | 10.19.45.19 (Wind River Linux LTS 19) |
| CVE-2020-35521 | A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service. | MEDIUM | Mar 12, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2023-3618 | A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | -- | Jul 12, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2022-2520 | A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. | -- | Aug 31, 2022 | 10.19.45.27 (Wind River Linux LTS 19) |
| CVE-2020-14352 | A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories. | HIGH | Aug 30, 2020 | 10.19.45.12 (Wind River Linux LTS 19) |
| CVE-2021-3445 | A flaw was found in libdnf\'s signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability. | MEDIUM | Mar 22, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2022-1158 | A flaw was found in KVM. When updating a guest\'s page table entry, vm_pgoff was improperly used as the offset to get the page\'s pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. | -- | Apr 10, 2022 | 10.19.45.24 (Wind River Linux LTS 19) |
| CVE-2023-1513 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | -- | Mar 24, 2023 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2020-10713 | A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Jul 31, 2020 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub\'s memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. | MEDIUM | Mar 3, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2021-20232 | A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | HIGH | Mar 12, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2021-3999 | A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. | -- | Jan 13, 2022 | 10.19.45.22 (Wind River Linux LTS 19) |
| CVE-2023-32643 | A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32665 | A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32611 | A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-29499 | A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-32636 | A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. | -- | Jun 6, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2021-3800 | A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition. | -- | Aug 23, 2022 | 10.19.45.26 (Wind River Linux LTS 19) |
| CVE-2022-41861 | A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. | -- | Dec 8, 2022 | 10.19.45.28 (Wind River Linux LTS 19) |
| CVE-2020-14375 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | MEDIUM | Oct 8, 2020 | 10.19.45.13 (Wind River Linux LTS 19) |
| CVE-2020-14376 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Oct 8, 2020 | 10.19.45.13 (Wind River Linux LTS 19) |
| CVE-2020-14374 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Oct 8, 2020 | 10.19.45.13 (Wind River Linux LTS 19) |
| CVE-2020-14377 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attacker in a virtual machine to read significant amounts of host memory. The highest threat from this vulnerability is to data confidentiality and system availability. | LOW | Oct 7, 2020 | 10.19.45.13 (Wind River Linux LTS 19) |
| CVE-2021-3448 | A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. | MEDIUM | Mar 18, 2021 | 10.19.45.17 (Wind River Linux LTS 19) |
| CVE-2020-25686 | A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the Birthday Attacks section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | MEDIUM | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25684 | A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially reducing the number of attempts an attacker on the network would have to perform to forge a reply and get it accepted by dnsmasq. This issue contrasts with RFC5452, which specifies a query\'s attributes that all must be used to match a reply. This flaw allows an attacker to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25685 or CVE-2020-25686, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | MEDIUM | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25685 | A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to find several different domains all having the same hash, substantially reducing the number of attempts they would have to perform to forge a reply and get it accepted by dnsmasq. This is in contrast with RFC5452, which specifies that the query name is one of the attributes of a query that must be used to match a reply. This flaw could be abused to perform a DNS Cache Poisoning attack. If chained with CVE-2020-25684 the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. | MEDIUM | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25681 | A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to cause a buffer overflow with arbitrary data in a heap memory segment, possibly executing code on the machine. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25687 | A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | HIGH | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25683 | A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | HIGH | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25682 | A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an overflow with arbitrary data in a heap-allocated memory, possibly executing code on the machine. The flaw is in the rfc1035.c:extract_name() function, which writes data to the memory pointed by name assuming MAXDNAME*2 bytes are available in the buffer. However, in some code execution paths, it is possible extract_name() gets passed an offset from the base buffer, thus reducing, in practice, the number of available bytes that can be written in the buffer. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | HIGH | Jan 20, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
| CVE-2020-25678 | A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible. | MEDIUM | Jan 8, 2021 | 10.19.45.16 (Wind River Linux LTS 19) |
