libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. — CVE-2022-27781

Zusammenfassung

Sicherheitshinweis CVE-2022-27781. libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate… Hersteller: Microsoft. Quelle: MSRC. Risiko: high. CVSS 7.5. Details in…

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

• Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
• Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
• Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
• Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Zur offiziellen Quelle

Mehr dazu

• A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. CVE-2022-23712
• A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially CVE-2022-1943
• A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. CVE-2021-40633
• A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. CVE-2022-1998
• A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`. CVE-2022-27778
• An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. CVE-2022-27775
• An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. CVE-2022-32981
• AV1 Video Extension Remote Code Execution Vulnerability CVE-2022-30167
• AV1 Video Extension Remote Code Execution Vulnerability CVE-2022-30193
• Azure RTOS GUIX Studio Information Disclosure Vulnerability CVE-2022-30180
• Azure RTOS GUIX Studio Remote Code Execution Vulnerability CVE-2022-30177
• Azure RTOS GUIX Studio Remote Code Execution Vulnerability CVE-2022-30178