CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2016-6516
https://notcve.org/view.php?id=CVE-2016-6516
06 Aug 2016 — Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability. Condición de carrera en la función ioctl_file_dedupe_range en fs/ioctl.c en el kernel de Linux hasta la versión 4.7 permite a usuarios locales provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) o p... • https://github.com/wpengfei/CVE-2016-6516-exploit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5412 – Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode
https://notcve.org/view.php?id=CVE-2016-5412
06 Aug 2016 — arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction. arch/powerpc/kvm/book3s_hv_rmhandlers.S en el kernel de Linux hasta la versión 4.7 en plataformas PowerPC, cuando se encuentra habilitada CONFIG_KVM_BOOK3S_64_HV, permite a usuarios invitados del SO provocar una denegación d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2016-6198 – kernel: vfs: missing detection of hardlinks in vfs_rename() on overlayfs
https://notcve.org/view.php?id=CVE-2016-6198
06 Aug 2016 — The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c. La capa del sistema de archivos en el kernel de Linux en versiones anteriores a 4.5.5 procede con operaciones de cambio de nombre después de que un archivo OverlayFS es cambiado de nombre a un self-hardlink, lo que permite a usuarios ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d5ca871e72f2bb172ec9323497f01cd5091ec7 • CWE-284: Improper Access Control CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9892
https://notcve.org/view.php?id=CVE-2014-9892
06 Aug 2016 — The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717. La función snd_compr_tstamp en sound/core/compress_offload.c en el kernel de Linux hasta la versión 4.7, como se usa en Android en versio... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9900 – Ubuntu Security Notice USN-3371-1
https://notcve.org/view.php?id=CVE-2014-9900
06 Aug 2016 — The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754. La función ethtool_get_wol en net/core/ethtool.c en el kernel de Linux hasta la versión 4.7, como se usa en Android en versiones anteriores a 2016-08-05 en di... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8944 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8944
06 Aug 2016 — The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts. La función ioresources_init en kernel/resource.c en el kernel de Linux hasta la versión 4.7, como s... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9888
https://notcve.org/view.php?id=CVE-2014-9888
06 Aug 2016 — arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. arch/arm/mm/dma-mapping.c en el kernel de Linux en versiones anteriores 3.13 en las plataformas ARM, como se utiliza en Android en versiones anteriores a 2016-08-05 en dispositiv... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6480 – kernel: scsi: aacraid: double fetch in ioctl_send_fib()
https://notcve.org/view.php?id=CVE-2016-6480
01 Aug 2016 — Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability. Condición de carrera en la función ioctl_send_fib en drivers/scsi/aacraid/commctrl.c en el kernel de Linux hasta la versión 4.7 permite a usuarios locales provocar una denegación de servicio (acceso fuera de rango o caída de sistema) cambiand... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2016-2067
https://notcve.org/view.php?id=CVE-2016-2067
11 Jul 2016 — drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993. drivers/gpu/msm/kgsl.c en el controlador de gráficos MSM (también conocido como controlador GPU) para el kernel de Linux 3.x, tal como se utiliza... • https://github.com/hhj4ck/CVE-2016-2067 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2068
https://notcve.org/view.php?id=CVE-2016-2068
11 Jul 2016 — The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609. El controlador de audio MSM QDSP6 (también conocido como controlador de ... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-190: Integer Overflow or Wraparound •