CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3291
https://notcve.org/view.php?id=CVE-2015-3291
23 Jul 2015 — arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI. Vulnerabilidad en arch/x86/entry/entry_64.S en el kernel de Linux en versiones anteriores a 4.1.6 en la plataforma x86_64, no determina correctamente cuándo está ocurriendo el procesamiento anidado de NMI, lo... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d • CWE-17: DEPRECATED: Code •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4692
https://notcve.org/view.php?id=CVE-2015-4692
23 Jul 2015 — The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. Vulnerabilidad en la función kvm_apic_has_events en arch/x86/kvm/lapic.h en el Kernel de Linux hasta la versión 4.1.3, permite a usuarios locales causar una denegación de servicio (mediante la referencia a un puntero NULO y una caída del ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 •
CVSS: 9.8EPSS: 41%CPEs: 14EXPL: 0CVE-2015-5364 – kernel: net: incorrect processing of checksums in UDP implementation
https://notcve.org/view.php?id=CVE-2015-5364
23 Jul 2015 — The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, no considera adecuadamente ceder un procesador, lo que permite a atacantes remotos causar una denegación de servicio (colgado del sis... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 39%CPEs: 2EXPL: 0CVE-2015-5366 – kernel: net: incorrect processing of checksums in UDP implementation
https://notcve.org/view.php?id=CVE-2015-5366
23 Jul 2015 — The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, proporcionan valores de retorno -EAGAIN inapropiados, lo que permite a ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4700 – kernel: Crafted BPF filters may crash kernel during JIT optimisation
https://notcve.org/view.php?id=CVE-2015-4700
07 Jul 2015 — The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. Vulnerabilidad en la función bpf_int_jit_compile en arch/x86/net/bpf_jit_comp.c en el kernel de Linux en versiones anteriores a 4.0.6, permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la cre... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1573 – kernel: panic while flushing nftables rules that reference deleted chains.
https://notcve.org/view.php?id=CVE-2015-1573
23 Jun 2015 — The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. La función nft_flush_table en net/netfilter/nf_tables_api.c en el kernel de Linux en versiones anteriores a 3.18.5 no maneja adecuadamente la interacción entre saltos cross-chain y borrado de conjuntos de reglas, lo que permite a usuari... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac • CWE-19: Data Processing Errors CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 10CVE-2015-1328 – Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-1328
15 Jun 2015 — The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. La implementación de overlayfs en el paquete linux (también conocido como kernel Linux) en versiones anteriores a 3.19.0-21.21 en Ubuntu hasta la versión 15.04 no compr... • https://www.exploit-db.com/exploits/40688 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4167
https://notcve.org/view.php?id=CVE-2015-4167
10 Jun 2015 — The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. Vulnerabilidad en la función udf_read_inode en fs/udf/inode.c en el kernel de Linux en versiones anteriores a 3.19.1, no valida determinados valores de longitud, lo que permite a usuarios locales provocar una denegación de servicio (representaci... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0275 – kernel: fs: ext4: fallocate zero range page size > block size BUG()
https://notcve.org/view.php?id=CVE-2015-0275
10 Jun 2015 — The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. La función ext4_zero_range en fs/ext4/extents.c en el kernel de Linux en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio (BUG) a través de una petición de rango cero a fallocate manipulada. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2af21aae11972fa924374ddcf52e88347cf5a8 • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 7CVE-2015-3636 – kernel: ping sockets: use-after-free leading to local privilege escalation
https://notcve.org/view.php?id=CVE-2015-3636
10 Jun 2015 — The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. Vulnerabilidad en la función ping_unhash en net/ipv4/ping.c en el kernel de L... • https://github.com/fi01/CVE-2015-3636 • CWE-416: Use After Free •