CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-13096
https://notcve.org/view.php?id=CVE-2018-13096
03 Jul 2018 — An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image. Se ha descubierto un problema en fs/f2fs/super.c en el kernel de Linux hasta la versión 4.14. Puede ocurrir una denegación de servicio (acceso a memoria fuera de límites y BUG) cuando se encuentra un tamaño de mapa de bits anormal cuando se monta una imagen f2fs manipulada • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-13100
https://notcve.org/view.php?id=CVE-2018-13100
03 Jul 2018 — An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error. Se ha descubierto un problema en fs/f2fs/super.c en el kernel de Linux hasta la versión 4.17.3, que no valida correctamente secs_per_zone en una imagen f2f corrupta, tal y como queda demostrado con un error de división entre cero. • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13095 – kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c
https://notcve.org/view.php?id=CVE-2018-13095
03 Jul 2018 — An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. Se ha descubierto un problema en fs/xfs/libxfs/xfs_inode_buf.c en el kernel de Linux hasta la versión 4.17.3. Puede ocurrir una denegación de servicio (corrupción de memoria y BUG) para una imagen xfs corrupta después de encontrarse ... • https://access.redhat.com/errata/RHSA-2019:1350 • CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-12896
https://notcve.org/view.php?id=CVE-2018-12896
02 Jul 2018 — An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer ove... • https://bugzilla.kernel.org/show_bug.cgi?id=200189 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-13053 – kernel: Integer overflow in the alarm_timer_nsleep function
https://notcve.org/view.php?id=CVE-2018-13053
02 Jul 2018 — The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. La función alarm_timer_nsleep en kernel/time/alarmtimer.c en el kernel de Linux hasta la versión 4.17.3 tiene un desbordamiento de enteros a través de un tiempo de espera relativo grande porque no se utiliza ktime_add_safe. A flaw was found in the alarm_timer_nsleep() function in kernel/time/alarmtimer.c in the Linux kernel. T... • http://www.securityfocus.com/bid/104671 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 2CVE-2018-12904 – KVM (Nested Virtualization) - L1 Guest Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-12904
27 Jun 2018 — In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. En arch/x86/kvm/vmx.c en el kernel de Linux en versiones anteriores a la 4.17.2, cuando se emplea la virtualización anidada, los atacantes locales podrían hacer que los invitados L1 KVM realizasen un VMEXIT, permitiendo escalados de privilegios y ataques de den... • https://www.exploit-db.com/exploits/44944 •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-1000204 – kernel: Infoleak caused by incorrect handling of the SG_IO ioctl
https://notcve.org/view.php?id=CVE-2018-1000204
26 Jun 2018 — Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /de... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12633
https://notcve.org/view.php?id=CVE-2018-12633
22 Jun 2018 — An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and inf... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd23a7269834dc7c1f93e83535d16ebc44b75eba • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10723
https://notcve.org/view.php?id=CVE-2016-10723
21 Jun 2018 — An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that "the underlying problem is non-trivial to handle. ** EN D... • https://patchwork.kernel.org/patch/10395909 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2018-5814
https://notcve.org/view.php?id=CVE-2018-5814
12 Jun 2018 — In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. En el kernel de Linux en versiones anteriores a la 4.16.11, 4.14.43, 4.9.102 y 4.4.133, múltiples errores de condición de carrera al gestionar operaciones probe, disconnect y rebind pueden explotarse para desencadenar una con... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •