CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10087
https://notcve.org/view.php?id=CVE-2018-10087
13 Apr 2018 — The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. La función kernel_wait4 en kernel/exit.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) desencadenando un intento de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd83c161fbcc5d8be637ab159c0de015cbff5ba4 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10074
https://notcve.org/view.php?id=CVE-2018-10074
12 Apr 2018 — The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval. La función hi3660_stub_clk_probe en drivers/clk/hisilicon/clk-hi3660-stub.c en el kernel de Linux, en versiones anteriores a la 4.16, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL) al desencadenar un error de recuperación de recu... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9903e41ae1f5d50c93f268ca3304d4d7c64b9311 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10021
https://notcve.org/view.php?id=CVE-2018-10021
11 Apr 2018 — drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables ** EN DISPUTA ** drivers/scsi/libsas/sas_scsi_host.c en el kernel de Linux en versiones anteriores a la 4.16 permite que los usuarios locales provoquen una denegación de ser... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18257
https://notcve.org/view.php?id=CVE-2017-18257
04 Apr 2018 — The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. La función __get_data_block en fs/f2fs/data.c en el kernel de Linux, en versiones anteriores a la 4.11, permite que usuarios locales provoquen una denegación de servicio (desbordamiento de enteros y bucle) mediante el uso manipulado de las llamadas del sistema open y fall... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b86e33075ed1909d8002745b56ecf73b833db143 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1093
https://notcve.org/view.php?id=CVE-2018-1093
02 Apr 2018 — The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. La función ext4_valid_block_bitmap en fs/ext4/balloc.c en el kernel de Linux hasta la versión 4.15.15 permite que los atacantes provoquen un denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) mediante una imagen... • http://openwall.com/lists/oss-security/2018/03/29/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 1CVE-2018-1094 – kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1094
02 Apr 2018 — The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. La función ext4_fill_super en fs/ext4/super.c en el kernel de Linux hasta la versión 4.15.15 no inicializa siempre el controlador de las sumas de verificación crc32c, lo que permite que los atacantes provoquen una denegación de s... • http://openwall.com/lists/oss-security/2018/03/29/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1092 – kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1092
02 Apr 2018 — The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. La función ext4_iget en fs/ext4/inode.c en el kernel de Linux hasta la versión 4.15.15 gestiona de manera incorrecta el caso de un directorio root con un i_lnks_count igual a cero, lo que permite que los atacantes provoquen una d... • http://openwall.com/lists/oss-security/2018/03/29/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-1095 – kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1095
02 Apr 2018 — The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image. La función ext4_xattr_check_entries en fs/ext4/xattr.c en el kernel de Linux hasta la versión 4.15.15 no valida correctamente los tamaños de xattr, lo que provoca una malinterpret... • http://openwall.com/lists/oss-security/2018/03/29/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18255
https://notcve.org/view.php?id=CVE-2017-18255
31 Mar 2018 — The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. La función perf_cpu_time_max_percent_handler en kernel/events/core.c en el kernel de Linux en versiones anteriores a la 4.11 permite que los usuarios locales provoquen una denegación de servicio (desbordamiento de enteros) o... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1572e45a924f254d9570093abde46430c3172e3d • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1091 – kernel: guest kernel crash during core dump on POWER9 host
https://notcve.org/view.php?id=CVE-2018-1091
27 Mar 2018 — In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service. En la función flush_tmregs_to_thread en arch/powerpc/kernel/ptrace.c en el kernel de Linux, en versiones anteriores a la 4.13.5, se puede desencad... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-391: Unchecked Error Condition •