CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15951
https://notcve.org/view.php?id=CVE-2017-15951
28 Oct 2017 — The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. El subsistema KEYS en el kernel de Linux en versiones anteriores a la 4.13.10 no sincroniza correctamente las acciones de actualización con las de detección de una clave en el estado "negative" para evitar una... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 8CVE-2017-5123 – Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-5123
25 Oct 2017 — Insufficient data validation in waitid allowed an user to escape sandboxes on Linux. Una comprobación de datos insuficiente en waitid permitía a un usuario escapar de los sandbox en Linux • https://www.exploit-db.com/exploits/43127 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15649 – Linux Kernel - 'AF_PACKET' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-15649
19 Oct 2017 — net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346. net/packet/af_packet.c en versiones anteriores a la 4.13.6 del kernel de Linux permite que usuarios locales obtengan privilegios mediante llamadas manipuladas al sistema que dan lugar a... • https://www.exploit-db.com/exploits/44053 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2017-7558 – kernel: Out of bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() in SCTP stack
https://notcve.org/view.php?id=CVE-2017-7558
19 Oct 2017 — A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. Se ha encontrado una fuga de datos del kernel debido a una lectura fuera de límites en el kernel de Linux en la... • http://seclists.org/oss-sec/2017/q3/338 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15537
https://notcve.org/view.php?id=CVE-2017-15537
17 Oct 2017 — The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c. El subsistema x86/fpu (Floating Point Unit) en el kernel de Linux en versiones an... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=814fb7bb7db5433757d76f4c4502c96fc53b0b5e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2017-15265 – kernel: Use-after-free in snd_seq_ioctl_create_port()
https://notcve.org/view.php?id=CVE-2017-15265
16 Oct 2017 — Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. Condición de carrera en el subsistema ALSA en el kernel de Linux en versiones anteriores a la 4.13.8 permite que usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada) o posiblemente ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15299 – kernel: Incorrect updates of uninstantiated keys crash the kernel
https://notcve.org/view.php?id=CVE-2017-15299
14 Oct 2017 — The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call. El subsistema de claves KEYS en el kernel Linux hasta la versión 4.13.7 gestiona de manera incorrecta el uso de add_key para una clave que ya existe, pero no se ha probado, lo que permite que usuarios locales pro... • https://access.redhat.com/errata/RHSA-2018:0654 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12192 – kernel: NULL pointer dereference due to KEYCTL_READ on negative key
https://notcve.org/view.php?id=CVE-2017-12192
12 Oct 2017 — The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of service (OOPS and system crash) via a crafted KEYCTL_READ operation. La función keyctl_read_key en security/keys/keyctl.c en el subcomponente Key Management en el kernel de Linux en versiones anteriores a la 4.13.5 no considera correctamente que se puede ten... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=37863c43b2c6464f252862bf2e9768264e961678 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15274 – kernel: dereferencing NULL payload with nonzero length
https://notcve.org/view.php?id=CVE-2017-15274
12 Oct 2017 — security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192. security/keys/keyctl.c en el kernel de Linux en versiones anteriores a la 4.11.5 no tiene en cuenta el caso de una carga útil NULL junto con un valor de longitud que no sea cero, lo qu... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12188 – Kernel: KVM: MMU potential stack buffer overrun during page walks
https://notcve.org/view.php?id=CVE-2017-12188
11 Oct 2017 — arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun." arch/x86/kvm/mmu.c en el kernel de Linux hasta 4.13.5, cuando se utiliza la virtualización anidada, no atraviesa adecuadamente las... • http://www.securityfocus.com/bid/101267 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-121: Stack-based Buffer Overflow •