CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9888
https://notcve.org/view.php?id=CVE-2014-9888
06 Aug 2016 — arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. arch/arm/mm/dma-mapping.c en el kernel de Linux en versiones anteriores 3.13 en las plataformas ARM, como se utiliza en Android en versiones anteriores a 2016-08-05 en dispositiv... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6480 – kernel: scsi: aacraid: double fetch in ioctl_send_fib()
https://notcve.org/view.php?id=CVE-2016-6480
01 Aug 2016 — Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability. Condición de carrera en la función ioctl_send_fib en drivers/scsi/aacraid/commctrl.c en el kernel de Linux hasta la versión 4.7 permite a usuarios locales provocar una denegación de servicio (acceso fuera de rango o caída de sistema) cambiand... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9803
https://notcve.org/view.php?id=CVE-2014-9803
11 Jul 2016 — arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020. arch/arm64/include/asm/pgtable.h en el kernel de Linux en versiones anteriores a 3.15-rc5-next-20140519, tal y como se utiliza en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X y 6P, no maneja correctament... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830 • CWE-19: Data Processing Errors •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6156 – Ubuntu Security Notice USN-3084-2
https://notcve.org/view.php?id=CVE-2016-6156
04 Jul 2016 — Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability. Condición de carrera en la función ec_device_ioctl_xcmd en drivers/platform/chrome/cros_ec_dev.c en el kernel de Linux en versiones anteriores a 4.7 permite a usuarios locales provocar una denegación de servicio (acceso al array fuera de ran... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096cdc6f52225835ff503f987a0d68ef770bb78e • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6136 – kernel: Race condition vulnerability in execve argv arguments
https://notcve.org/view.php?id=CVE-2016-6136
04 Jul 2016 — Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability. Condición de carrera en la función audit_log_single_execve_arg en kernel/auditsc.c en el kernel de Linux hasta la versión 4.7 permite a usuarios locales eludir restricciones de set de caracteres intencionados o interrumpir la auditoria de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6130 – Ubuntu Security Notice USN-3099-1
https://notcve.org/view.php?id=CVE-2016-6130
01 Jul 2016 — Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability. Condición de carrera en la función sclp_ctl_ioctl_sccb en drivers/s390/char/sclp_ctl.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener información sensible de la memoria del kernel cambiando un valor de longitud deter... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=532c34b5fbf1687df63b3fcd5b2846312ac943c6 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3070 – kernel: Null pointer dereference in trace_writeback_dirty_page()
https://notcve.org/view.php?id=CVE-2016-3070
28 Jun 2016 — The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move. La implementación trace_writeback_dirty_page en include/trace/events/writeback.h en el kernel de Linux en versiones anteriores a 4.4 interactúa incorrectamente con mm/migrate.c, lo que... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=42cb14b110a5698ccf26ce59c4441722605a3743 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1237 – Ubuntu Security Notice USN-3070-1
https://notcve.org/view.php?id=CVE-2016-1237
28 Jun 2016 — nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c. nfsd en el kernel de Linux hasta la versión 4.6.3 permite a usuarios locales eludir las restricciones destinadas al permiso de archivo ajustando una POSIX ACL relacionada con nfs2acl.c, nfs3acl.c y nfs4acl.c. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=999653786df6954a31044528ac3f7a5dadca08f4 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2016-5244 – Ubuntu Security Notice USN-3071-2
https://notcve.org/view.php?id=CVE-2016-5244
27 Jun 2016 — The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. La función rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versión 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener información sensible de la memoria de pila del kernel leyendo un mensaje RDS. Kangjie... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-5829 – kernel: Heap buffer overflow in hiddev driver
https://notcve.org/view.php?id=CVE-2016-5829
27 Jun 2016 — Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. Múltiples desbordamientos de buffer basado en memoria dinámica en la función hiddev_ioctl_usage en drivers/hid/usbhid/hiddev.c en el kernel de Linux hasta la versión 4.6.3 permiten a usuarios locales provocar una denegaci... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •