CVSS: 7.8EPSS: 29%CPEs: 21EXPL: 2CVE-2014-3673 – kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
https://notcve.org/view.php?id=CVE-2014-3673
31 Oct 2014 — The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. La implementación SCTP en el kernel de Linux hasta 3.17.2 permite a atacantes remotos causar una denegación de servicio (caída del sistema) a través de un chunk ASCONF malformado, relacionado con net/sctp/sm_make_chunk.c y net/sctp/sm_statefuns.c. A flaw was found in the way the Linux kern... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3610 – kernel: kvm: noncanonical MSR writes
https://notcve.org/view.php?id=CVE-2014-3610
30 Oct 2014 — The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c. La funcionalidad de procesamiento WRMSR en el subsistema KVM en el kernel de Linux hasta 3.17.2 no ma... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23 • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3647 – kernel: kvm: noncanonical rip after emulation
https://notcve.org/view.php?id=CVE-2014-3647
30 Oct 2014 — arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/emulate.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no realiza debidamente los cambios RIP, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de una aplicación manipulada. A fla... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=234f3ce485d54017f15cf5e0699cff4100121601 • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3611 – kernel: kvm: PIT timer race condition
https://notcve.org/view.php?id=CVE-2014-3611
29 Oct 2014 — Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. Condición de carrera en la función __kvm_migrate_pit_timer en arch/x86/kvm/i8254.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo anfitrión) mediante... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3646 – kernel: kvm: vmx: invvpid vm exit not handled
https://notcve.org/view.php?id=CVE-2014-3646
29 Oct 2014 — arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/vmx.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no tiene un manejador de salida para la instrucción INVVPID, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a642fc305053cc1c6e47e4f4df327895747ab485 • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2014-7970 – Kernel: fs: VFS denial of service
https://notcve.org/view.php?id=CVE-2014-7970
13 Oct 2014 — The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. La implementación pivot_root en fs/namespace.c en el kernel de Linux hasta 3.17 no interactúa debidamente con ciertas localizaciones de un directorio chroot, lo que permite a usuarios locales causar una denegación de s... • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 3CVE-2014-8086 – Kernel: fs: ext4 race condition
https://notcve.org/view.php?id=CVE-2014-8086
13 Oct 2014 — Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag. Condición de carrera en la función ext4_file_write_iter en fs/ext4/file.c en el kernel de Linux hasta 3.17 permite a usuarios locales causar una denegación de servicio (no disponibilidad de ficheros) a través de una combinación de una acción de escr... • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-7975 – Kernel: fs: umount denial of service
https://notcve.org/view.php?id=CVE-2014-7975
13 Oct 2014 — The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call. La función do_umount en fs/namespace.c en el kernel de Linux hasta 3.17 no requiere la capacidad CAP_SYS_ADMIN para llamadas do_re... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5 •
CVSS: 7.5EPSS: 3%CPEs: 15EXPL: 2CVE-2014-7284
https://notcve.org/view.php?id=CVE-2014-7284
13 Oct 2014 — The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values. La implementación net_get_random_once en net/core/utils.c en el kernel de Linux 3.13.x y 3.14.x anterior a 3.14.5... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d4405226d27b3a215e4d03cfa51f536244e5de7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2014-7283 – kernel: xfs: directory hash ordering denial of service
https://notcve.org/view.php?id=CVE-2014-7283
13 Oct 2014 — The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations. La función xfs_da3_fixhashpath en fs/xfs/xfs_da_btree.c en la implementación xfs en el kernel de Linux anterior a 3.14.2 no compara debidamente los valores de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c88547a8119e3b581318ab65e9b72f27f23e641d • CWE-399: Resource Management Errors •