CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9717
https://notcve.org/view.php?id=CVE-2014-9717
02 May 2016 — fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a mount by calling umount2 within a user namespace. fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.2 procesa llamadas de sistema MNT_DETACH umount2 sin verificar que el indicador MNT_LOCKED no está establecido, lo que permite a usuarios loc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce07d891a0891d3c0d0c2d73d577490486b809e1 • CWE-284: Improper Access Control •
CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8839 – kernel: ext4 filesystem page fault race condition with fallocate call.
https://notcve.org/view.php?id=CVE-2015-8839
02 May 2016 — Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling. Múltiples condiciones de carrera en la implementación del sistema de archivos ext4 en el kernel de Linux en versiones anteriores a 4.5 permite a usuarios locales provocar una denegación de servicio (corrupción de disco) escr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ea3d7209ca01da209cda6f0dea8be9cc4b7a933b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4178
https://notcve.org/view.php?id=CVE-2015-4178
02 May 2016 — The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h. La implementación de fs_pin en el kernel de Linux en versiones anteriores a 4.0.5 no asegura la consistencia interna de una determinada estructura de datos de lista, lo que permi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2016-2187 – Ubuntu Security Notice USN-3002-1
https://notcve.org/view.php?id=CVE-2016-2187
02 May 2016 — The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. La función gtco_probe en drivers/input/tablet/gtco.c en el kernel de Linux hasta la versión 4.5.2 permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) a través de un valor de disposit... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=162f98dea487206d9ab79fc12ed64700667a894d •
CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0CVE-2016-3689 – Ubuntu Security Notice USN-2970-1
https://notcve.org/view.php?id=CVE-2016-3689
02 May 2016 — The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. La función ims_pcu_parse_cdc_data en drivers/input/misc/ims-pcu.c en el kernel de Linux en versiones anteriores a 4.5.1 permite a atacantes físicamente próximos provocar una denegación de servicio (caída de sistema) a través de un dispositivo USB sin interfaz para un... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8324 – kernel: Null pointer dereference when mounting ext4
https://notcve.org/view.php?id=CVE-2015-8324
02 May 2016 — The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. La implementación de ext4 en el kernel de Linux en versiones anteriores a 2.6.34 no rastrea correctamente la inicalización de determinadas estructuras de datos, lo que permite a atacantes físicamente próxim... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2117 – kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers
https://notcve.org/view.php?id=CVE-2016-2117
02 May 2016 — The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data. La función atl2_probe en drivers/net/ethernet/atheros/atlx/atl2.c en el kernel de Linux hasta la versión 4.5.2 activa incorrectamente scatter/gather I/O, lo que permite a atacantes remotos obtener información sensible de la memoria del kernel leyendo datos de paque... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43bfaeddc79effbf3d0fcb53ca477cca66f3db8 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2016-2143 – kernel: Fork of large process causes memory corruption
https://notcve.org/view.php?id=CVE-2016-2143
27 Apr 2016 — The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. La implementación fork en el kernel de Linux en versiones anteriores a 4.5 en la plataforma s390 no maneja correctamente el caso de los cuatro niveles de la tabla de pági... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-8845 – kernel: incorrect restoration of machine specific registers from userspace
https://notcve.org/view.php?id=CVE-2015-8845
27 Apr 2016 — The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. La función tm_reclaim_thread en arch/powerpc/kernel/process.c en el Kernel de Linux en versiones anteriores a 4.4.1 sobre plataformas powerpc no asegura que exista el modo TM suspend antes de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 • CWE-284: Improper Access Control CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1339
https://notcve.org/view.php?id=CVE-2015-1339
27 Apr 2016 — Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times. Fuga de memoria en la función cuse_channel_release en fs/fuse/cuse.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales provocar una denegación de servicio (consumo de memoria) o posiblemente tener otro impacto no especificado abriendo /dev/c... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c • CWE-399: Resource Management Errors •