CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6136 – kernel: Race condition vulnerability in execve argv arguments
https://notcve.org/view.php?id=CVE-2016-6136
04 Jul 2016 — Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability. Condición de carrera en la función audit_log_single_execve_arg en kernel/auditsc.c en el kernel de Linux hasta la versión 4.7 permite a usuarios locales eludir restricciones de set de caracteres intencionados o interrumpir la auditoria de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6156 – Ubuntu Security Notice USN-3084-2
https://notcve.org/view.php?id=CVE-2016-6156
04 Jul 2016 — Race condition in the ec_device_ioctl_xcmd function in drivers/platform/chrome/cros_ec_dev.c in the Linux kernel before 4.7 allows local users to cause a denial of service (out-of-bounds array access) by changing a certain size value, aka a "double fetch" vulnerability. Condición de carrera en la función ec_device_ioctl_xcmd en drivers/platform/chrome/cros_ec_dev.c en el kernel de Linux en versiones anteriores a 4.7 permite a usuarios locales provocar una denegación de servicio (acceso al array fuera de ran... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096cdc6f52225835ff503f987a0d68ef770bb78e • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6130 – Ubuntu Security Notice USN-3099-1
https://notcve.org/view.php?id=CVE-2016-6130
01 Jul 2016 — Race condition in the sclp_ctl_ioctl_sccb function in drivers/s390/char/sclp_ctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability. Condición de carrera en la función sclp_ctl_ioctl_sccb en drivers/s390/char/sclp_ctl.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener información sensible de la memoria del kernel cambiando un valor de longitud deter... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=532c34b5fbf1687df63b3fcd5b2846312ac943c6 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1237 – Ubuntu Security Notice USN-3070-1
https://notcve.org/view.php?id=CVE-2016-1237
28 Jun 2016 — nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c. nfsd en el kernel de Linux hasta la versión 4.6.3 permite a usuarios locales eludir las restricciones destinadas al permiso de archivo ajustando una POSIX ACL relacionada con nfs2acl.c, nfs3acl.c y nfs4acl.c. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=999653786df6954a31044528ac3f7a5dadca08f4 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3070 – kernel: Null pointer dereference in trace_writeback_dirty_page()
https://notcve.org/view.php?id=CVE-2016-3070
28 Jun 2016 — The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move. La implementación trace_writeback_dirty_page en include/trace/events/writeback.h en el kernel de Linux en versiones anteriores a 4.4 interactúa incorrectamente con mm/migrate.c, lo que... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=42cb14b110a5698ccf26ce59c4441722605a3743 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5243 – Ubuntu Security Notice USN-3049-1
https://notcve.org/view.php?id=CVE-2016-5243
27 Jun 2016 — The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. La función tipc_nl_compat_link_dump en net/tipc/netlink_compat.c en el kernel de Linux hasta la versión 4.6.3 no copia adecuadamente una cierta cadena, lo que permite a usuarios locales obtener información sensible de la memoria de pila del kernel leyendo un... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d2be1422e02ccd697ccfcd45c85b4a26e6178e2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2016-5244 – Ubuntu Security Notice USN-3071-2
https://notcve.org/view.php?id=CVE-2016-5244
27 Jun 2016 — The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message. La función rds_inc_info_copy en net/rds/recv.c en el kernel de Linux hasta la versión 4.6.3 no inicializa un cierto miembro de estructura, lo que permite a atacantes remotos obtener información sensible de la memoria de pila del kernel leyendo un mensaje RDS. Kangjie... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2016-4470 – kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path
https://notcve.org/view.php?id=CVE-2016-4470
27 Jun 2016 — The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. La función key_reject_and_link en security/keys/key.c en el kernel de Linux hasta la versión 4.6.3 no asegura que cierta estructura de datos esté inicializada, lo que permite a usuarios locales provocar una denegación de servicio (caí... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a • CWE-253: Incorrect Check of Function Return Value •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-5829 – kernel: Heap buffer overflow in hiddev driver
https://notcve.org/view.php?id=CVE-2016-5829
27 Jun 2016 — Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call. Múltiples desbordamientos de buffer basado en memoria dinámica en la función hiddev_ioctl_usage en drivers/hid/usbhid/hiddev.c en el kernel de Linux hasta la versión 4.6.3 permiten a usuarios locales provocar una denegaci... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3713
https://notcve.org/view.php?id=CVE-2016-3713
27 Jun 2016 — The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. La función msr_mtrr_valid en arch/x86/kvm/mtrr.c en el kernel de Linux en versiones anteriores a 4.6.1 sostiene MSR 0x2f8, lo que permite a usuarios invitados del sistema operativo leer o escribir en la estruc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5 • CWE-284: Improper Access Control •