CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-7613 – kernel: Unauthorized access to IPC objects with SysV shm
https://notcve.org/view.php?id=CVE-2015-7613
06 Oct 2015 — Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. Condición de carrera en la implementación del objeto IPC en el kernel de Linux hasta la versión 4.2.3 permite a usuarios locales obtener privilegios desencadenando una llamada a ipc_addid que conduce a comparaciones de uid y gid contra datos no inicializado... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5156 – kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net
https://notcve.org/view.php?id=CVE-2015-5156
23 Sep 2015 — The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets. La función virtnet_probe en drivers/net/virtio_net.c en el kernel de Linux en versiones anteriores a 4.2 intenta dar soporte a la funcionalidad FRAGLIST sin asignación adecuada de memoria, lo que permite a usua... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=48900cb6af4282fa0fb6ff4d72a81aa3dadb5c39 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-2925 – Kernel: vfs: Do not allow escaping from bind mounts
https://notcve.org/view.php?id=CVE-2015-2925
23 Sep 2015 — The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack." La función prepend_path en fs/dcache.c en el kernel Linux en versiones anteriores a 4.2.4 no maneja adecuadamente el cambio de nombre de las acciones dentro de un enlace de montaje, lo que permite a usuarios locales eludir un mecanismo d... • https://github.com/Kagami/docker_cve-2015-2925 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6252 – Ubuntu Security Notice USN-2751-1
https://notcve.org/view.php?id=CVE-2015-6252
23 Sep 2015 — The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service (memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers permanent file-descriptor allocation. La función vhost_dev_ioctl en drivers/vhost/vhost.c en el kernel de Linux en versiones anteriores a 4.1.5 permite a usuarios locales provocar una denegación de servicio (consumo de memoria) a través de una llamada VHOST_SET_LOG_FD ioctl que desencadena la asignación de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-6937 – Ubuntu Security Notice USN-2774-1
https://notcve.org/view.php?id=CVE-2015-6937
23 Sep 2015 — The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. La función __rds_conn_create en net/rds/connection.c en el kernel de Linux hasta la versión 4.2.3 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) o posiblemente tener otro impacto... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6526 – kernel: perf on ppc64 can loop forever getting userlevel stacktraces
https://notcve.org/view.php?id=CVE-2015-6526
31 Aug 2015 — The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace. Vulnerabilidad en la función perf_callchain_user_64 en arch/powerpc/perf/callchain.c en el kernel de Linux en versiones anteriores a 4.0.2 sobre plataformas ppc64, permite a usuarios locales causar una denegación de servicio (bucle infinito) a través de una traza inversa profunda en el e... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3212 – kernel: SCTP race condition allows list corruption and panic from userlevel
https://notcve.org/view.php?id=CVE-2015-3212
07 Aug 2015 — Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls. Vulnerabilidad de condición de carrera en net/stcp/socket.c en el kernel de Linux en versiones anteriores a 4.1.2, permite a usuarios locales causar una denegación de servicio (lista corrupta y pánico) a través de una serie de llamadas al sistema relacionadas con sockets, se... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2d45a02d0166caf2627fe91897c6ffc3b19514c4 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5697 – Ubuntu Security Notice USN-2751-1
https://notcve.org/view.php?id=CVE-2015-5697
07 Aug 2015 — The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call. Vulnerabilidad en la función get_bitmap en drivers/md/md.c en el kernel de Linux en versiones anteriores a 4.1.6, no inicializa una cierta estructura de datos de mapa de bits, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a tr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b6878d9e03043695dbf3fa1caa6dfc09db225b16 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-5706 – Debian Security Advisory 3329-1
https://notcve.org/view.php?id=CVE-2015-5706
07 Aug 2015 — Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. Vulnerabilidad de uso después de liberación de memoria en la función path_openat en fs/namei.c en el kernel de Linux 3.x y 4.x en versiones anteriores a 4.0.4, permite a usuarios locales causar una denegación de servicio o po... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2015-5707 – Ubuntu Security Notice USN-2759-1
https://notcve.org/view.php?id=CVE-2015-5707
07 Aug 2015 — Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. Desbordamiento de entero en la función sg_start_req en drivers/scsi/sg.c en el kernel de Linux 2.6.x hasta la versión 4.x en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio o posiblemente tener otro impacto no especi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 • CWE-190: Integer Overflow or Wraparound •