CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10154
https://notcve.org/view.php?id=CVE-2016-10154
06 Feb 2017 — The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a scatterlist. La función smbhash en fs/cifs/smbencrypt.c en el kernel de Linux 4.9.x en versiones anteriores a 4.9.1 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, que permi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06deeec77a5a689cc94b21a8a91a76e42176685d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5551 – kernel: S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix)
https://notcve.org/view.php?id=CVE-2017-5551
06 Feb 2017 — The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097. La función simple_set_acl en fs/posix_acl.c en el kernel de Linux en versiones anteriores a 4.9.6 preserva el bit setgid durante una ll... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-10150
https://notcve.org/view.php?id=CVE-2016-10150
03 Feb 2017 — Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device. Vulnerabilidad de uso después de liberación de memoria en la función kvm_ioctl_create_device en virt/kvm/kvm_main.c en el kernel de Linux en versiones anteriores a 4.8.13 permite a usuarios del SO anfitrión provocar una denegación de servicio (... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0f1d21c1ccb1da66629627a74059dd7f5ac9c61 • CWE-264: Permissions, Privileges, and Access Controls CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5206
https://notcve.org/view.php?id=CVE-2017-5206
24 Jan 2017 — Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument. Firejail en versiones anteriores a 0.9.44.4, cuando se ejecuta en un Linux kernel en versiones anteriores a 4.8, permite a atacantes dependientes del contexto evitar un mecanismo seccomp-based de protección de sandbox a través del argumento --allow-debuggers. • http://www.openwall.com/lists/oss-security/2017/01/07/5 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10147 – kernel: Kernel crash by spawning mcrypt(alg) with incompatible algorithm
https://notcve.org/view.php?id=CVE-2016-10147
18 Jan 2017 — crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5). crypto/mcryptd.c en el kernel de Linux en versiones anteriores a 4.8.15 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) usando un socket AF_ALG con un algoritmo incompatible, según lo demostrado por mcryptd(md5). Al... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=48a992727d82cb7db076fa15d372178743b1f4cd • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2584 – Kernel: kvm: use after free in complete_emulated_mmio
https://notcve.org/view.php?id=CVE-2017-2584
15 Jan 2017 — arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt. arch/x86/kvm/emulate.c en el kernel de Linux hasta la versión 4.9.3 permite a usuarios locales obtener información sensible de memoria del kernel o provocar una denegación de servicio (uso después de liberación de memoria) a través de una ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=129a72a0d3c8e139a04512325384fe5ac119e74d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8399 – kernel: net: Out of bounds stack read in memcpy_fromiovec
https://notcve.org/view.php?id=CVE-2016-8399
12 Jan 2017 — An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935. • http://rhn.redhat.com/errata/RHSA-2017-0817.html • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2016-10088 – kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)
https://notcve.org/view.php?id=CVE-2016-10088
30 Dec 2016 — The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576. La implementación sg en el kernel Linux hasta la versión 4.9 no restring... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9576 – kernel: Use after free in SCSI generic device interface
https://notcve.org/view.php?id=CVE-2016-9576
28 Dec 2016 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. La función blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux en versiones anteriores a 4.8.14 no restringe adecuadamente el tipo de iterador, lo que permite a usuarios locales leer o escribir a ubica... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9588 – Kernel: kvm: nVMX: uncaught software exceptions in L1 guest leads to DoS
https://notcve.org/view.php?id=CVE-2016-9588
28 Dec 2016 — arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest. arch/x86/kvm/vmx.c en el kernek de Linux hasta la versión 4.9 no gestiona adecuadamente las excepciones #BP y #OF, lo que permite a usuarios del SO invitados provocar una denegación de servicio (caída del SO invitado) declinando el manejo de una excepción lanzada por un invitado L2. Linux... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ef85b67385436ddc1998f45f1d6a210f935b3388 • CWE-248: Uncaught Exception CWE-388: 7PK - Errors •