CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8658 – Ubuntu Security Notice USN-3161-4
https://notcve.org/view.php?id=CVE-2016-8658
16 Oct 2016 — Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket. Desbordamiento de búfer basado en pila en la función brcmf_cfg80211_start_ap en drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c en el kernel de Linux en versione... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ded89912156b1a47d940a0c954c43afbabd0c42c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7042 – kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled
https://notcve.org/view.php?id=CVE-2016-7042
16 Oct 2016 — The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file. La función proc_keys_show en security/keys/proc.c en el kernel de Linux hasta la versión 4.8.2, cuando el protector de pila GNU Compiler Collection (gcc) está habilitado, utiliza u... • http://rhn.redhat.com/errata/RHSA-2017-0817.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7097 – kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit
https://notcve.org/view.php?id=CVE-2016-7097
16 Oct 2016 — The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. La implementación del sistema de archivos en el kernel de Linux hasta la versión 4.8.2 preserva el bit setgid durante una llamada setxattr, lo que permite a usuarios locales obtener privilegios de grupo aprovechando la existencia de un programa setgid con res... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8660
https://notcve.org/view.php?id=CVE-2016-8660
16 Oct 2016 — The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a "page lock order bug in the XFS seek hole/data implementation." El subsistema XFS en el kernel de Linux hasta la versión 4.8.2 permite a usuarios locales provocar una denegación de servicio (fallo fdatasync y cuelgue del sistema) usando el grupo de llamada al sistema vfs en el programa trinity, relacionado ... • http://www.openwall.com/lists/oss-security/2016/10/13/8 • CWE-19: Data Processing Errors •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8956 – kernel: NULL dereference in RFCOMM bind callback
https://notcve.org/view.php?id=CVE-2015-8956
10 Oct 2016 — The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket. La función rfcomm_sock_bind en net/bluetooth/rfcomm/sock.c en el kernel de Linux en versiones anteriores a 4.2 permite a usuarios locales obtener información sensible o provocar una denegación de servicio (referencia a puntero NULL) a través ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8950
https://notcve.org/view.php?id=CVE-2015-8950
10 Oct 2016 — arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call. arch/arm64/mm/dma-mapping.c en el kernel de Linux en versiones anteriores a 4.0.3, como es usado en el subsistema ION en Android y otros productos, no inicializa ciertas estructuras de datos, lo que permite a usuarios locales obtener info... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8955 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8955
10 Oct 2016 — arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs. arch/arm64/kernel/perf_event.c en el kernel de Linux en versiones anteriores a 4.1 en plataformas arm64 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (puntero de referencia no valido) a través de vectores relaci... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2016-6828 – Linux Kernel - TCP Related Read Use-After-Free
https://notcve.org/view.php?id=CVE-2016-6828
06 Sep 2016 — The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option. La función tcp_check_send_head en include/net/tcp.h en el kernel de Linux en versiones anteriores a 4.7.5 no mantiene adecuadamente cierto estado SACK tras una copia de datos fallida, lo que permite a usuarios lo... • https://packetstorm.news/files/id/139642 • CWE-416: Use After Free •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5400 – Ubuntu Security Notice USN-3070-1
https://notcve.org/view.php?id=CVE-2016-5400
06 Aug 2016 — Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations. Pérdida de memoria en la función airspy_probe en drivers/media/usb/airspy/airspy.c en el controlador USB airspy en el kernel de Linux en versiones anteriores a 4.7 permite ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6197 – kernel: overlayfs: missing upper dentry verification before unlink and rename
https://notcve.org/view.php?id=CVE-2016-6197
06 Aug 2016 — fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. fs/overlayfs/dir.c en la implementación del sistema de archivos OverlayFS en el kernel de Linux en versiones anteriores a 4.6 no verifica adecuadamente la dentry superior antes de proced... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185 • CWE-20: Improper Input Validation CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •