CVE-2014-9419 – kernel: partial ASLR bypass through TLS base addresses leak
https://notcve.org/view.php?id=CVE-2014-9419
26 Dec 2014 — The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f647d7c155f069c1a068030255c300663516420e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-8133 – kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
https://notcve.org/view.php?id=CVE-2014-8133
17 Dec 2014 — arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a set_thread_area system call and later reads a 16-bit value. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=41bdc78544b8a93a9c6814b8bbbfef966272abbe • CWE-264: Permissions, Privileges, and Access Controls
CVE-2014-9322 – Linux Kernel - 'BadIRET' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-9322
16 Dec 2014 — arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. • https://packetstorm.news/files/id/130593 • CWE-269: Improper Privilege Management; CWE-841: Improper Enforcement of Behavioral Workflow
CVE-2014-8134 – kernel: x86: espfix not working for 32-bit KVM paravirt guests
https://notcve.org/view.php?id=CVE-2014-8134
12 Dec 2014 — The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
CVE-2014-7842 – kernel: kvm: reporting emulation failures to userspace
https://notcve.org/view.php?id=CVE-2014-7842
30 Nov 2014 — Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace emulation error report, a similar issue to CVE-2010-5313. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2b9e6c1a35afcc0973acb72e591c714e78885ff • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-8989 – Ubuntu Security Notice USN-2515-1
https://notcve.org/view.php?id=CVE-2014-8989
30 Nov 2014 — The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c. • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html • CWE-264: Permissions, Privileges, and Access Controls
CVE-2014-7843 – Ubuntu Security Notice USN-2465-1
https://notcve.org/view.php?id=CVE-2014-7843
30 Nov 2014 — The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. A null poin... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97fc15436b36ee3956efad83e22a557991f7d19d • CWE-17: DEPRECATED: Code
CVE-2010-5313 – kernel: kvm: reporting emulation failures to userspace
https://notcve.org/view.php?id=CVE-2010-5313
30 Nov 2014 — Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc3a9157d3148ab91039c75423da8ef97be3e105 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-7841 – kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
https://notcve.org/view.php?id=CVE-2014-7841
30 Nov 2014 — The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e40607cbe270a9e8360907cb1e62ddf0736e4864 • CWE-399: Resource Management Errors; CWE-476: NULL Pointer Dereference
CVE-2014-9090 – Ubuntu Security Notice USN-2441-1
https://notcve.org/view.php?id=CVE-2014-9090
30 Nov 2014 — The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441 • CWE-17: DEPRECATED: Code