CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14340 – kernel: xfs: unprivileged user kernel oops
https://notcve.org/view.php?id=CVE-2017-14340
15 Sep 2017 — The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. La macro XFS_IS_REALTIME_INODE en fs/xfs/xfs_linux.h en el kernel de Linux en versiones anteriores a la 4.13.2 no verifica que un sistema de archivos tenga un dispositivo realtime, lo que permite que usuarios loc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc • CWE-391: Unchecked Error Condition CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-14489 – Linux Kernel < 4.14.rc3 - Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-14489
15 Sep 2017 — The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. La función iscsi_if_rx en drivers/scsi/scsi_transport_iscsi.c en el kernel de Linux hasta la versión 4.13.2 permite que usuarios locales provoquen una denegación de servicio (pánico) aprovechando que se realiza una validación de longitud incorrecta. Anthony Perard discovered that the Xen virtual block driver did ... • https://packetstorm.news/files/id/144476 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 16%CPEs: 43EXPL: 7CVE-2017-1000251 – Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2017-1000251
12 Sep 2017 — The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. La pila Bluetooth nativa en el Kernel Linux (BlueZ), comenzando por la versión 2.6.32 del kernel de Linux y hasta, e incluyendo, la versión 4.13.1, es vulnerable a un desbordamiento de pila durante el procesado de las respuestas... • https://packetstorm.news/files/id/144307 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14156 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-14156
05 Sep 2017 — The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes. La función atyfb_ioctl en drivers/video/fbdev/aty/atyfb_base.c en las versiones de Linux kernel hasta la 4.12.10 no inicializa una estructura de datos específica. Esto permite a los usuarios locales obtener información sensible de ... • http://www.debian.org/security/2017/dsa-3981 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14140 – kernel: Missing permission check in move_pages system call
https://notcve.org/view.php?id=CVE-2017-14140
05 Sep 2017 — The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR. La llamada al sistema move_pages en mm/migrate.c en versiones anteriores a la 4.12.9 del kernel Linux no verifica correctamente el id de usuario del proceso objetivo. Esto permite que un atacante local aprenda la distribución de la memoria de un ejecutable setuid a pesar de la ASLR. The mo... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14106 – kernel: Divide-by-zero in __tcp_select_window
https://notcve.org/view.php?id=CVE-2017-14106
01 Sep 2017 — The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path. La función tcp_disconnect en net/ipv4/tcp.c en el kernel de Linux en versiones anteriores a la 4.12 permite que usuarios locales provoquen una denegación de servicio allows local users to cause a denial of service (error __tcp_select_window de división por ce... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8 • CWE-369: Divide By Zero •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14051 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-14051
31 Aug 2017 — An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access. Un desbordamiento de enteros en la función qla2x00_sysfs_write_optrom_ctl en drivers/scsi/qla2xxx/qla_attr.c en el kernel de Linux hasta la versión 4.12.10 permite que los usuarios locales provoquen una denegación de servicio (corrupción de memoria y fallo de si... • http://www.securityfocus.com/bid/100571 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13695 – Ubuntu Security Notice USN-3696-2
https://notcve.org/view.php?id=CVE-2017-13695
25 Aug 2017 — The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ns_evaluate() en drivers/acpi/acpica/nseval.c en el kernel Linux en su versión 4.12.9 no vacía la caché operativa y provoca un volcado de pila de kernel, lo que... • http://www.securityfocus.com/bid/100497 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13694
https://notcve.org/view.php?id=CVE-2017-13694
25 Aug 2017 — The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ps_complete_final_op() en drivers/acpi/acpica/psobject.c en el kernel Linux en su versión 4.12.9 no vacía las cachés node y node_ext y pro... • http://www.securityfocus.com/bid/100500 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13693
https://notcve.org/view.php?id=CVE-2017-13693
25 Aug 2017 — The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ds_create_operands() en drivers/acpi/acpica/dsutils.c en el kernel Linux en su versión 4.12.9 no vacía la caché operand y provoca un volcado de pila de ... • http://www.securityfocus.com/bid/100502 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •