CVSS: 9.9EPSS: 0%CPEs: 11EXPL: 0CVE-2015-3331 – Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI
https://notcve.org/view.php?id=CVE-2015-3331
27 Apr 2015 — The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket. La función __driver_rfc4106_decrypt en arch/x86/crypto/aesni-intel_glue.c en... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccfe8c3f7e52ae83155cb038753f4c75b774ca8a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 2CVE-2015-2922 – kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.
https://notcve.org/view.php?id=CVE-2015-2922
27 Apr 2015 — The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. La función ndisc_router_discovery en net/ipv6/ndisc.c en la implementación de protocolo Neighbor Discovery (ND) en la pila IPv6 en el kernel de Linux anterior a 3.19.6 permite a atacantes remotos reconfigurar una configura... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fd99094de2b83d1d4c8457f2c83483b2828e75a • CWE-17: DEPRECATED: Code CWE-454: External Initialization of Trusted Variables or Data Stores •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3332
https://notcve.org/view.php?id=CVE-2015-3332
27 Apr 2015 — A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds. Cierto backport en la implementación TCP Fast Open para el kernel de Linux... • http://article.gmane.org/gmane.linux.network/359588 • CWE-399: Resource Management Errors •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-3339 – kernel: race condition between chown() and execve()
https://notcve.org/view.php?id=CVE-2015-3339
27 Apr 2015 — Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped. Condición de carrera en la función prepare_binprm en fs/exec.c en el kernel de Linux anterior a 3.19.6 permite a usuarios locales ganar privilegios mediante la ejecución de un programa setuid en un instancia de tiempo que un ch... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2041
https://notcve.org/view.php?id=CVE-2015-2041
09 Apr 2015 — net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. net/llc/sysctl_net_llc.c en el kernel de Linux anterior a 3.19 utiliza un tipo de datos incorrecto en una tabla sysctl, lo que permite a usuarios locales obtener información sensible de la memoria del kernel o posiblemente tener otro impacto no espe... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49 • CWE-17: DEPRECATED: Code •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2042
https://notcve.org/view.php?id=CVE-2015-2042
09 Apr 2015 — net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. net/rds/sysctl.c en el kernel de Linux anterior a 3.19 utiliza un tipo de datos incorrecta en una tabla sysctl, lo que permite a usuarios locales obtener información sensible de la memoria del kernel o posiblemente tener otro impacto no especificado mediant... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db27ebb111e9f69efece08e4cb6a34ff980f8896 • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 10%CPEs: 8EXPL: 0CVE-2015-1465
https://notcve.org/view.php?id=CVE-2015-1465
24 Mar 2015 — The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets. La implementación IPv4 en el kernel de Linux anterior a 3.18.8 no considera correctamente la longitud del periodo de gracia de Read-Copy Update (RCU) para redirigir búsquedas en la ausencia de cacheo, l... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=df4d92549f23e1c037e83323aff58a21b3de7fe0 • CWE-17: DEPRECATED: Code •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2015-2150
https://notcve.org/view.php?id=CVE-2015-2150
12 Mar 2015 — Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. Xen 3.3.x hasta la versión 4.5.x y en el kernel de Linux hasta la versión 3.19.1 no restringe adecuadamente el acceso al registro... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2014-8159 – kernel: infiniband: uverbs: unprotected physical memory access
https://notcve.org/view.php?id=CVE-2014-8159
11 Mar 2015 — The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/. La implementación InfiniBand (IB) en el paquete del kernel de Linux anterior a 2.6.32-504... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2014-8173 – kernel: NULL pointer dereference in madvise(MADV_WILLNEED) support
https://notcve.org/view.php?id=CVE-2014-8173
05 Mar 2015 — The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted MADV_WILLNEED madvise system call that leverages the absence of a page-table lock. La función pmd_none_or_trans_huge_or_c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ee53664bda169f519ce3c6a22d378f0b946c8178 • CWE-476: NULL Pointer Dereference •