CVSS: 8.3EPSS: 0%CPEs: 20EXPL: 0CVE-2018-14633 – kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target
https://notcve.org/view.php?id=CVE-2018-14633
25 Sep 2018 — A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system... • http://www.securityfocus.com/bid/105388 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16597 – kernel: overlayfs file truncation without permissions
https://notcve.org/view.php?id=CVE-2018-16597
21 Sep 2018 — An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 4.8. La comprobación de acceso incorrecta de montajes de overlayfs podría ser empleada por los atacantes locales para modificar o truncar archivos en el sistema de archivos subyacente An issue was discovered in the Linux kernel where an i... • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10853 – kernel: kvm: guest userspace to guest kernel write
https://notcve.org/view.php?id=CVE-2018-10853
11 Sep 2018 — A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. Se ha encontrado un error en la forma en la que el hipervisor KVM del kernel de Linux en versiones anteriores a la 4.18 emulaba instrucciones como sgdt/sidt/fxsave/fxrstor. No comprobó el nivel d... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16658 – kernel: Information leak in cdrom_ioctl_drive_status
https://notcve.org/view.php?id=CVE-2018-16658
07 Sep 2018 — An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940. Se ha descubierto un problema en el kernel de Linux hasta antes de la versión 4.18.6. Una fuga de información en cdrom_ioctl_drive_status en drivers/cdrom/cdrom.c podría ser empleada por atacantes locales para leer m... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6555
https://notcve.org/view.php?id=CVE-2018-6555
04 Sep 2018 — The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. La función irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (... • http://www.securityfocus.com/bid/105304 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6554
https://notcve.org/view.php?id=CVE-2018-6554
04 Sep 2018 — Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. Fuga de memoria en la función irda_bind en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (consumo de memoria) enlaza... • http://www.securityfocus.com/bid/105302 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16276
https://notcve.org/view.php?id=CVE-2018-16276
31 Aug 2018 — An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. Se descubrió un problema en yurex_read en drivers/usb/misc/yurex.c en el kernel de Linux hasta la versión 4.17.7. Los atacantes locales pueden emplear lecturas/escrituras de acceso de usuario con una comprobación incorrecta de límites en el controlad... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 • CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-15594 – kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests
https://notcve.org/view.php?id=CVE-2018-15594
20 Aug 2018 — arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. arch/x86/kernel/paravirt.c en el kernel de Linux en versiones anteriores a la 4.18.1 maneja incorrectamente algunas llamadas indirectas, lo que hace que sea más fácil para los atacantes realizar ataques Spectre-v2 contra guests paravirtuales. It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5800dc5c19f34e6e03b5adab1282535cb102fafd • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-15572
https://notcve.org/view.php?id=CVE-2018-15572
20 Aug 2018 — The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. La función spectre_v2_select_mitigation en arch/x86/kernel/cpu/bugs.c en el kernel de Linux en versiones anteriores a la 4.18.1 no siempre completa RSB en un cambio de contexto, lo que hace que sea más fácil para los atacantes realizar ataques spectreRSB espacio de usuar... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdf82a7856b32d905c39afc85e34364491e46346 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7754
https://notcve.org/view.php?id=CVE-2018-7754
10 Aug 2018 — The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file. La función aoedisk_debugfs_show en drivers/block/aoe/aoeblk.c en el kernel de Linux hasta la versión 4.16.4rc4 permite que usuarios locales obtengan información sensible de direcciones mediante la lectura de líneas "ffree: " en un archivo debugfs. • https://elixir.bootlin.com/linux/v4.16-rc4/source/drivers/block/aoe/aoeblk.c#L421 • CWE-532: Insertion of Sensitive Information into Log File •