CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14954 – Ubuntu Security Notice USN-3487-1
https://notcve.org/view.php?id=CVE-2017-14954
01 Oct 2017 — The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call. La implementación waitid en kernel/exit.c en el kernel de Linux hasta la versión 4.13.4 accede a estructuras de datos rusage en casos que no debería, lo que permite a los usuarios locales obtener información sensible y omitir el mecanismo de protección ... • https://github.com/echo-devim/exploit_linux_kernel4.13 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12154 – Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register
https://notcve.org/view.php?id=CVE-2017-12154
26 Sep 2017 — The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register. La función prepare_vmcs02 en arch/x86/kvm/vmx.c en el kernel de Linux hasta la versión 4.13.3 no asegura que los controles L0 vmcs02 "CR8-load exiting" y "CR8-store exiting" ex... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000252 – kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ
https://notcve.org/view.php?id=CVE-2017-1000252
26 Sep 2017 — The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c. El subsistema KVM en el kernel de Linux hasta la versión 4.13.3 permite que los usuarios invitados del sistema operativo provoquen una denegación de servicio (fallo de aserción y bloqueo o cierre inesperado del hipervisor) mediante un valor guest_irq fuera de límite... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 10%CPEs: 37EXPL: 3CVE-2017-1000253 – Linux Kernel PIE Stack Buffer Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2017-1000253
26 Sep 2017 — Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE bi... • https://www.exploit-db.com/exploits/42887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12153 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-12153
21 Sep 2017 — A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. Se descubrió un fallo de seguridad en la función nl80211_set_rekey_data() en net/wireless/nl80211.c en el kernel de Linux hasta la versión 4.13.3. La... • http://seclists.org/oss-sec/2017/q3/437 • CWE-476: NULL Pointer Dereference •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12168
https://notcve.org/view.php?id=CVE-2017-12168
20 Sep 2017 — The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR). La función access_pmu_evcntr en arch/arm64/kvm/sys_regs.c en el kernel Linux en versiones anteriores a la 4.8.11 permite que los usuarios KVM invitados del sistema operativo provoquen una denegación de servicio (fallo de aserción y cierre inesp... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9e3f7a29694049edd728e2400ab57ad7553e5aa9 • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14340 – kernel: xfs: unprivileged user kernel oops
https://notcve.org/view.php?id=CVE-2017-14340
15 Sep 2017 — The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. La macro XFS_IS_REALTIME_INODE en fs/xfs/xfs_linux.h en el kernel de Linux en versiones anteriores a la 4.13.2 no verifica que un sistema de archivos tenga un dispositivo realtime, lo que permite que usuarios loc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc • CWE-391: Unchecked Error Condition CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-14489 – Linux Kernel < 4.14.rc3 - Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-14489
15 Sep 2017 — The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. La función iscsi_if_rx en drivers/scsi/scsi_transport_iscsi.c en el kernel de Linux hasta la versión 4.13.2 permite que usuarios locales provoquen una denegación de servicio (pánico) aprovechando que se realiza una validación de longitud incorrecta. Anthony Perard discovered that the Xen virtual block driver did ... • https://packetstorm.news/files/id/144476 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 16%CPEs: 43EXPL: 7CVE-2017-1000251 – Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2017-1000251
12 Sep 2017 — The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. La pila Bluetooth nativa en el Kernel Linux (BlueZ), comenzando por la versión 2.6.32 del kernel de Linux y hasta, e incluyendo, la versión 4.13.1, es vulnerable a un desbordamiento de pila durante el procesado de las respuestas... • https://packetstorm.news/files/id/144307 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14156 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-14156
05 Sep 2017 — The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes. La función atyfb_ioctl en drivers/video/fbdev/aty/atyfb_base.c en las versiones de Linux kernel hasta la 4.12.10 no inicializa una estructura de datos específica. Esto permite a los usuarios locales obtener información sensible de ... • http://www.debian.org/security/2017/dsa-3981 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •