CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2014-0203 – kernel: fs: slab corruption due to the invalid last component type during do_filp_open()
https://notcve.org/view.php?id=CVE-2014-0203
The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause a denial of service (incorrect free operations and system crash) via an open system call. La función __do_follow_link en fs/namei.c en el kernel de Linux anterior a 2.6.33 no maneja debidamente el componente de último nombre de ruta durante el uso de ciertos sistemas de ficheros, lo que permite a usuarios locales causar una denegación de servicio (operaciones libres incorrectas y caída del sistema) a través de una llamada de sistema abierto. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=86acdca1b63e6890540fa19495cfc708beff3d8b http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3043.html http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33 http://secunia.com/advisories/59262 http://secunia.com/advisories/59309 http://secunia.com/advisories/59406 http://secunia.com/advisories/59560 http://www.securityfocus.com/bid/68125 https:/&#x • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 9CVE-2014-3153 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-3153
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. La función futex_requeue en kernel/futex.c en el kernel de Linux hasta 3.14.5 no asegura que las llamadas tengan dos direcciones futex diferentes, lo que permite a usuarios locales ganar privilegios a través de un comando FUTEX_REQUEUE manipulado que facilita la modificación insegura del objeto o función a la espera. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges. • https://www.exploit-db.com/exploits/35370 https://github.com/timwr/CVE-2014-3153 https://github.com/lieanu/CVE-2014-3153 https://github.com/elongl/CVE-2014-3153 https://github.com/zerodavinci/CVE-2014-3153-exploit https://github.com/c3c/CVE-2014-3153 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e9c243a5a6de0be8e584c604d353412584b592f8 http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3037.html •
CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 0CVE-2014-1737 – kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
https://notcve.org/view.php?id=CVE-2014-1737
The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. La función raw_cmd_copyin en drivers/block/floppy.c en el kernel de Linux hasta 3.14.3 no maneja debidamente condiciones de error durante el procesado de una llamada FDRAWCMD ioctl, lo que permite a usuarios locales provocar operaciones kfree y ganar privilegios mediante el aprovechamiento de acceso de escritura hacia un dispositivo /dev/fd. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ef87dbe7614341c2e7bfe8d32fcb7028cc97442c http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3043.html http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html http://rhn.redhat.com/errata/RHSA-2014-0800.html http://rhn.redhat.com/errata/RHSA-2014-0801.html http://secunia.com • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.6EPSS: 0%CPEs: 12EXPL: 0CVE-2014-1738 – kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
https://notcve.org/view.php?id=CVE-2014-1738
The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. La función raw_cmd_copyout en drivers/block/floppy.c en el kernel de Linux hasta 3.14.3 no restringe debidamente acceso a ciertos punteros durante el procesamiento de una llamada FDRAWCMD ioctl, lo que permite a usuarios locales obtener información sensible de la memoria dinámica del kernel mediante el aprovechamiento de acceso a escritura hacia un dispositivo /dev/fd. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2145e15e0557a01b9195d1c7199a1b92cb9be81f http://linux.oracle.com/errata/ELSA-2014-0771.html http://linux.oracle.com/errata/ELSA-2014-3043.html http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html http://rhn.redhat.com/errata/RHSA-2014-0800.html http://rhn.redhat.com/errata/RHSA-2014-0801.html http://secunia.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-2438 – mysql: unspecified DoS related to Replication (CPU April 2014)
https://notcve.org/view.php?id=CVE-2014-2438
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. Vulnerabilidad no especificada en Oracle MySQL Server 5.5.35 y anteriores y 5.6.15 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a través de vectores desconocidos relacionados con Replication. • http://rhn.redhat.com/errata/RHSA-2014-0522.html http://rhn.redhat.com/errata/RHSA-2014-0536.html http://rhn.redhat.com/errata/RHSA-2014-0537.html http://rhn.redhat.com/errata/RHSA-2014-0702.html http://security.gentoo.org/glsa/glsa-201409-04.xml http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66846 https://access.redhat.com/security/cve/CVE-2014-2438 https://bugzilla.redhat.com/show_bug.cgi?id=1088191 •