Page 210 of 3412 results (0.017 seconds)

CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 0

02 May 2016 — Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling. Múltiples condiciones de carrera en la implementación del sistema de archivos ext4 en el kernel de Linux en versiones anteriores a 4.5 permite a usuarios locales provocar una denegación de servicio (corrupción de disco) escr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ea3d7209ca01da209cda6f0dea8be9cc4b7a933b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

02 May 2016 — fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory. fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.2 no soporta correctamente conectividad de montaje, lo que permite a usuarios locales leer archivos arbitrarios aprovechando acceso root al espacio de nombres de usuario para eliminar un archivo o directorio. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

02 May 2016 — The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787. La función redirect_target en net/ipv4/netfilter/ipt_REDIRECT.c en el kernel de Linux en versiones anteriores a 2.6.0 permite a atacantes remotos to provocar una denegación de servicio (referencia a puntero NULL y OOPS) envi... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

02 May 2016 — The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cause a denial of service (panic) by triggering a fault, as demonstrated by an unaligned memory operand or a non-canonical address memory operand. La implementación de xsave/xrstor en arch/x86/include/asm/xsave.h en el kernel de Linux en versiones anteriores a... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06c8173eb92bbfc03a0fe8bb64315857d0badd06 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

02 May 2016 — The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call. La función collect_mounts en fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.5 no considera correctamente que se pueda ejecutar después de que una ruta sea desmontada, lo que permite a ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

02 May 2016 — fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic. fs/nfs/nfs4proc.c en el cliente NFS en el kernel de Linux en versiones anteriores a 4.2.2 no inicializa memoria correctamente para operaciones de recuperación de migración, lo que permite a servidores NFS remotos provocar una denegación de servi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da • CWE-665: Improper Initialization •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

02 May 2016 — The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. La implementación de ext4 en el kernel de Linux en versiones anteriores a 2.6.34 no rastrea correctamente la inicalización de determinadas estructuras de datos, lo que permite a atacantes físicamente próxim... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

02 May 2016 — The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. La función atl2_probe en drivers/net/ethernet/atheros/atlx/atl2.c en el kernel de Linux hasta la versión 4.5.2 activa incorrectamente scatter/gather I/O, lo que permite a atacantes remotos obtener información sensible de la memoria del kernel leyendo datos de paque... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43bfaeddc79effbf3d0fcb53ca477cca66f3db8 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0

02 May 2016 — The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. La función ims_pcu_parse_cdc_data en drivers/input/misc/ims-pcu.c en el kernel de Linux en versiones anteriores a 4.5.1 permite a atacantes físicamente próximos provocar una denegación de servicio (caída de sistema) a través de un dispositivo USB sin interfaz para un... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

27 Apr 2016 — The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. La función tm_reclaim_thread en arch/powerpc/kernel/process.c en el Kernel de Linux en versiones anteriores a 4.4.1 sobre plataformas powerpc no asegura que exista el modo TM suspend antes de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 • CWE-284: Improper Access Control CWE-772: Missing Release of Resource after Effective Lifetime •