Opensuse Leap vulnerabilities

CVE-2020-0432 [HIGH] CWE-190 CVE-2020-0432: In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807

CVE-2020-0431 [MEDIUM] CWE-787 CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459

CVE-2019-20919 [MEDIUM] CWE-476 CVE-2019-20919: An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requir An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

CVE-2020-0427 [MEDIUM] CWE-125 CVE-2020-0427: In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This co In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-140550171

CVE-2020-25040 [HIGH] CVE-2020-25040: Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.

CVE-2020-14386 [HIGH] CWE-250 CVE-2020-14386: A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

CVE-2020-14393 [HIGH] CWE-121 CVE-2020-14393: A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

CVE-2020-25039 [HIGH] CWE-668 CVE-2020-25039: Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fak Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.

CVE-2020-14392 [MEDIUM] CWE-822 CVE-2020-14392: An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.

CVE-2020-8927 [MEDIUM] CWE-130 CVE-2020-8927: A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recomm

CVE-2020-25284 [MEDIUM] CWE-863 CVE-2020-25284: The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

CVE-2020-6097 [HIGH] CWE-617 CVE-2020-6097: An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0. An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability.

CVE-2020-25219 [HIGH] CWE-674 CVE-2020-25219: url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger unc url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

CVE-2020-25212 [HIGH] CWE-367 CVE-2020-25212: A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local att A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452.

CVE-2020-14342 [HIGH] CWE-77 CVE-2020-14342: It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, wh It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges.

CVE-2019-20916 [HIGH] CWE-22 CVE-2019-20916: The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.

CVE-2020-24659 [HIGH] CWE-476 CVE-2020-24659: An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake f

CVE-2020-24977 [MEDIUM] CWE-125 CVE-2020-24977: GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesIntern GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

CVE-2020-15811 [MEDIUM] CWE-697 CVE-2020-15811: An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content

CVE-2020-24553 [MEDIUM] CWE-79 CVE-2020-24553: Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI h Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.