CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2014-3601 – kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()
https://notcve.org/view.php?id=CVE-2014-3601
01 Sep 2014 — The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. La función kvm_iommu_map_pages en virt/kvm/iommu.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 • CWE-189: Numeric Errors •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2014-5471 – kernel: isofs: unbound recursion when processing relocated directories
https://notcve.org/view.php?id=CVE-2014-5471
01 Sep 2014 — Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. Vulnerabilidad de consumo de pila en la función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux hasta 3.16.1 permite a usuarios locales causar una denegació... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 4CVE-2014-5207 – Linux Kernel < 3.16.1 - 'Remount FUSE' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-5207
18 Aug 2014 — fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows local users to gain privileges, interfere with backups and auditing on systems that had atime enabled, or cause a denial of service (excessive filesystem updating) on systems that had atime disabled via a "mount -o remount" command within a user namespace. fs/namespace.c en el kernel de Linux hasta 3.16.1 no res... • https://packetstorm.news/files/id/128595 • CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2014-5045 – kernel: vfs: refcount issues during unmount on symlink
https://notcve.org/view.php?id=CVE-2014-5045
01 Aug 2014 — The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount system call in conjunction with a symlink, which allows local users to cause a denial of service (memory consumption or use-after-free) or possibly have unspecified other impact via the umount program. La función mountpoint_last en fs/namei.c en el kernel de Linux anterior a 3.15.8 no mantiene debidamente cierta cuenta de referencias durante inte... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=295dc39d941dc2ae53d5c170365af4c9d5c16212 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2014-3534 – kernel: s390: ptrace: insufficient sanitization when setting psw mask
https://notcve.org/view.php?id=CVE-2014-3534
30 Jul 2014 — arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call. arch/s390/kernel/ptrace.c en el kernel de Linux anterior a 3.15.8 en el plataforma s390 no restringe debidamente las operaciones de control de la restricción de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dab6cf55f81a6e16b8147aed9a843e1691dcd318 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2014-4652 – Kernel: ALSA: control: protect user controls against races & memory disclosure
https://notcve.org/view.php?id=CVE-2014-4652
03 Jul 2014 — Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. Condición de carrera en la funcionalidad del manejador de tlv en la función snd_ctl_elem_user_tlv en sound/core/control.c en la implementación del control ALSA en el kernel de Linux anterior a 3.15.2 permite a usuarios loc... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=07f4d9d74a04aa7c72c5dae0ef97565f28f17b92 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2014-4655 – Kernel: ALSA: control: use-after-free in replacing user controls
https://notcve.org/view.php?id=CVE-2014-4655
03 Jul 2014 — The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls. La función snd_ctl_elem_add en sound/core/control.c en la implementación del control ALSA en el kernel de Linux anterior a 3.15.2 no gestiona ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82262a46627bebb0febcc26664746c25cef08563 • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2014-4653 – Kernel: ALSA: control: do not access controls outside of protected regions
https://notcve.org/view.php?id=CVE-2014-4653
03 Jul 2014 — sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. sound/core/control.c de la implementación del control de ALSA en el kernel de Linux anterior a 3.15.2 no asegura la posesión de un bloqueo de lectura/escritura, lo que permite a usuarios locales provocar una d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd9f26e4eca5d08a27d12c0933fceef76ed9663d • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2014-4654 – Kernel: ALSA: control: use-after-free in replacing user controls
https://notcve.org/view.php?id=CVE-2014-4654
03 Jul 2014 — The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call. La función snd_ctl_elem_add en sound/core/control.c de la implementación del control ALSA en el kernel de Linux anterior a 3.15.2 no comprueba ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82262a46627bebb0febcc26664746c25cef08563 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 1%CPEs: 1EXPL: 0CVE-2014-4611 – Ubuntu Security Notice USN-2287-1
https://notcve.org/view.php?id=CVE-2014-4611
03 Jul 2014 — Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715. Desbordamiento ... • http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html • CWE-20: Improper Input Validation •