CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2016-4913 – kernel: Information leak when handling NM entries containing NUL
https://notcve.org/view.php?id=CVE-2016-4913
23 May 2016 — The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. La función get_rock_ridge_filename en fs/isofs/rock.c en el kernel de Linux en versiones anteriores a 4.5.5 no maneja correctamente entradas NM (también conocidas como alternate name) que contienen caract... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3713
https://notcve.org/view.php?id=CVE-2016-3713
16 May 2016 — The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. La función msr_mtrr_valid en arch/x86/kvm/mtrr.c en el kernel de Linux en versiones anteriores a 4.6.1 sostiene MSR 0x2f8, lo que permite a usuarios invitados del sistema operativo leer o escribir en la estruc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 8%CPEs: 14EXPL: 1CVE-2016-3955
https://notcve.org/view.php?id=CVE-2016-3955
09 May 2016 — The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet. La función usbip_recv_xbuff en drivers/usb/usbip/usbip_common.c en el kernel de Linux en versiones anteriores a 4.5.3 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o posiblemente tener otro impacto no e... • https://github.com/pqsec/uboatdemo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0571
https://notcve.org/view.php?id=CVE-2015-0571
09 May 2016 — The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c. El controlador WLAN (también conocido como Wi-Fi) para el kernel de Linux 3.x y 4.x, según se utiliza en Qualcomm Innovation Center (QuIC) Android contributions for MSM... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-862: Missing Authorization •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0570
https://notcve.org/view.php?id=CVE-2015-0570
09 May 2016 — Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. Desbordamiento de buffer basado en pila en la implementación de SET_WPS_IE IOCTL en wlan_hdd_hostapd.c en el controlador WLAN (también conocido como Wi-Fi) para... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2016-4557 – Linux Kernel 4.4 (Ubuntu 16.04) - 'BPF' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-4557
03 May 2016 — The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor. La función replace_map_fd_with_map_ptr en kernel/bpf/verifier.c en el kernel de Linux en versiones anteriores a 4.5.5 no mantiene correctamente una estructura de datos fd, lo que permite a usuarios lo... • https://www.exploit-db.com/exploits/40759 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2016-2854 – AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-2854
02 May 2016 — The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. El módulo aufs para el kernel de Linux 3.x y 4.x no mantiene correctamente datos POSIX ACL xattr, lo que permite a usuarios locales obtener privilegos aprovechando un directorio con permiso de escritura de grupo setgid. AUFS (Ubuntu 15.10) suffers from an allow_userns fuse/xattr user namespaces privilege escalation vuln... • https://www.exploit-db.com/exploits/41761 • CWE-269: Improper Privilege Management •
CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8839 – kernel: ext4 filesystem page fault race condition with fallocate call.
https://notcve.org/view.php?id=CVE-2015-8839
02 May 2016 — Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole punching and page-fault handling. Múltiples condiciones de carrera en la implementación del sistema de archivos ext4 en el kernel de Linux en versiones anteriores a 4.5 permite a usuarios locales provocar una denegación de servicio (corrupción de disco) escr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ea3d7209ca01da209cda6f0dea8be9cc4b7a933b • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2016-2187
https://notcve.org/view.php?id=CVE-2016-2187
02 May 2016 — The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor. La función gtco_probe en drivers/input/tablet/gtco.c en el kernel de Linux hasta la versión 4.5.2 permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) a través de un valor de disposit... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=162f98dea487206d9ab79fc12ed64700667a894d •
CVSS: 4.9EPSS: 0%CPEs: 15EXPL: 0CVE-2016-3951
https://notcve.org/view.php?id=CVE-2016-3951
02 May 2016 — Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor. Vulnerabilidad de liberación de memoria doble en drivers/net/usb/cdc_ncm.c en el kernel de Linux en versiones anteriores a 4.5 permite a atacantes físicamente próximos provocar una denegación de servicio (caída de sistema) o posiblemente tener ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1666984c8625b3db19a9abc298931d35ab7bc64b •