CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-6346 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-6346
01 Mar 2017 — Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls. Condición de carrera en net/packet/af_packet.c en el kernel de Linux en versiones anteriores a 4.9.13 permite a usuarios locales provocar una denegación de servicio (uso después de liberación de memoria) o la posibilidad de tener otro impacto no es... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d199fab63c11998a602205f7ee7ff7c05c97164b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6347 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-6347
01 Mar 2017 — The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission. La función ip_cmsg_recv_checksum en net/ipv4/ip_sockglue.c en el kernel de Linux en versiones anteriores a 4.10.1 tiene expectativas in... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6348 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-6348
01 Mar 2017 — The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. La función hashben_delete en net/irda/irqueue.c en el kernel de Linux en versiones anteriores a 4.9.13 administra incorrectamente el soltado del bloqueo, lo que permite a usuarios locales provocar una denegación de servicio (punto muerto) a través de operaciones manipuladas en los disposi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6353 – Debian Security Advisory 3804-1
https://notcve.org/view.php?id=CVE-2017-6353
01 Mar 2017 — net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. net/sctp/socket.c en el kernel de Linux en versiones hasta 4.10.1 no restringe adecuadamente las operaciones de despegue de la asociación durante varios estados de espera, l... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5669 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-5669
24 Feb 2017 — The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. La función do_shmat en ipc/shm.c en el kernel de Linux hasta la versión 4.9.12 no restringe la dirección calculada por cierta operación de redondeo, lo que permite a u... • http://www.debian.org/security/2017/dsa-3804 •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2017-6214 – kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
https://notcve.org/view.php?id=CVE-2017-6214
23 Feb 2017 — The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. La función tcp_splice_read en net/ipv4/tcp.c en el kernel de Linux en versiones anteriores a 4.9.11 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y bloqueo débil) a través de vectores que involucran un paquete TCP con la bandera URG. A flaw was found in the ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-5897 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-5897
23 Feb 2017 — The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. La función ip6gre_err en net/ipv6/ip6_gre.c en el kernel de Linux permite a atacantes remotos tener impacto no especificado a través de vectores involucrando indicadores GRE flags en un paquete IPv6, que desencadenan un acceso fuera de los límites. USN-3358-1 fixed vulnerabilities in the Linux kernel for... • http://www.debian.org/security/2017/dsa-3791 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 6CVE-2017-6074 – Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
https://notcve.org/view.php?id=CVE-2017-6074
18 Feb 2017 — The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. La función dccp_rcv_state_process en net/dccp/input.c en el kernel de Linux hasta la versión 4.9.11 no maneja adecuadamente estructuras de paquetes de datos DCCP_PKT_REQUEST en el e... • https://packetstorm.news/files/id/141339 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5986 – kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf
https://notcve.org/view.php?id=CVE-2017-5986
18 Feb 2017 — Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. Condición de carrera en la función sctp_wait_for_sndbuf en net/sctp/socket.c en el kernel de Linux en versiones anteriores a 4.9.11 permite a usuarios locales provocar una denegación de servicio (fallo de aserción y pánico) a través ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0570
https://notcve.org/view.php?id=CVE-2015-0570
09 May 2016 — Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. Desbordamiento de buffer basado en pila en la implementación de SET_WPS_IE IOCTL en wlan_hdd_hostapd.c en el controlador WLAN (también conocido como Wi-Fi) para... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-787: Out-of-bounds Write •