CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16658 – kernel: Information leak in cdrom_ioctl_drive_status
https://notcve.org/view.php?id=CVE-2018-16658
07 Sep 2018 — An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940. Se ha descubierto un problema en el kernel de Linux hasta antes de la versión 4.18.6. Una fuga de información en cdrom_ioctl_drive_status en drivers/cdrom/cdrom.c podría ser empleada por atacantes locales para leer m... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6555
https://notcve.org/view.php?id=CVE-2018-6555
04 Sep 2018 — The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. La función irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (... • http://www.securityfocus.com/bid/105304 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6554
https://notcve.org/view.php?id=CVE-2018-6554
04 Sep 2018 — Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. Fuga de memoria en la función irda_bind en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (consumo de memoria) enlaza... • http://www.securityfocus.com/bid/105302 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16276
https://notcve.org/view.php?id=CVE-2018-16276
31 Aug 2018 — An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. Se descubrió un problema en yurex_read en drivers/usb/misc/yurex.c en el kernel de Linux hasta la versión 4.17.7. Los atacantes locales pueden emplear lecturas/escrituras de acceso de usuario con una comprobación incorrecta de límites en el controlad... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-14619 – kernel: crash (possible privesc) in kernel crypto api.
https://notcve.org/view.php?id=CVE-2018-14619
30 Aug 2018 — A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges. Se ha encontrado un error en el subsistema crypto del kernel de Linux en versiones anteriores a kernel-4.15-rc4. Se dejó "null skcipher" cuando se liber... • http://www.securityfocus.com/bid/105200 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-15594 – kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests
https://notcve.org/view.php?id=CVE-2018-15594
20 Aug 2018 — arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. arch/x86/kernel/paravirt.c en el kernel de Linux en versiones anteriores a la 4.18.1 maneja incorrectamente algunas llamadas indirectas, lo que hace que sea más fácil para los atacantes realizar ataques Spectre-v2 contra guests paravirtuales. It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5800dc5c19f34e6e03b5adab1282535cb102fafd • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-15572
https://notcve.org/view.php?id=CVE-2018-15572
20 Aug 2018 — The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. La función spectre_v2_select_mitigation en arch/x86/kernel/cpu/bugs.c en el kernel de Linux en versiones anteriores a la 4.18.1 no siempre completa RSB en un cambio de contexto, lo que hace que sea más fácil para los atacantes realizar ataques spectreRSB espacio de usuar... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdf82a7856b32d905c39afc85e34364491e46346 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-15471
https://notcve.org/view.php?id=CVE-2018-15471
17 Aug 2018 — An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or change this mapping, some input validation (e.g., for an integer overflow) was missing or flawed, leading to OOB access in hash handling. A malicious or buggy frontend may cause the (usually privileged) backend to... • http://xenbits.xen.org/xsa/advisory-270.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 10%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
14 Aug 2018 — The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versio... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-7754
https://notcve.org/view.php?id=CVE-2018-7754
10 Aug 2018 — The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file. La función aoedisk_debugfs_show en drivers/block/aoe/aoeblk.c en el kernel de Linux hasta la versión 4.16.4rc4 permite que usuarios locales obtengan información sensible de direcciones mediante la lectura de líneas "ffree: " en un archivo debugfs. • https://elixir.bootlin.com/linux/v4.16-rc4/source/drivers/block/aoe/aoeblk.c#L421 • CWE-532: Insertion of Sensitive Information into Log File •