CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6874
https://notcve.org/view.php?id=CVE-2017-6874
14 Mar 2017 — Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts. Condición de carrera en kernel/ucount.c en el kernel de Linux hasta la versión 4.10.2 permite a usuarios locales provocar una denegación de servicio (uso después de liberación y caíd... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=040757f738e13caaa9c5078bca79aa97e11dde88 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2017-2636 – kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()
https://notcve.org/view.php?id=CVE-2017-2636
07 Mar 2017 — Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. Condición de carrera en drivers/tty/n_hdlc.c en el kernel de Linux hasta la versión 4.10.1 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (liberación doble) ajustando la línea de disciplina HDLC. A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdl... • https://github.com/alexzorin/cve-2017-2636-el • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6347 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-6347
01 Mar 2017 — The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission. La función ip_cmsg_recv_checksum en net/ipv4/ip_sockglue.c en el kernel de Linux en versiones anteriores a 4.10.1 tiene expectativas in... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6353 – Debian Security Advisory 3804-1
https://notcve.org/view.php?id=CVE-2017-6353
01 Mar 2017 — net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. net/sctp/socket.c en el kernel de Linux en versiones hasta 4.10.1 no restringe adecuadamente las operaciones de despegue de la asociación durante varios estados de espera, l... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5669 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-5669
24 Feb 2017 — The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. La función do_shmat en ipc/shm.c en el kernel de Linux hasta la versión 4.9.12 no restringe la dirección calculada por cierta operación de redondeo, lo que permite a u... • http://www.debian.org/security/2017/dsa-3804 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0570
https://notcve.org/view.php?id=CVE-2015-0570
09 May 2016 — Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. Desbordamiento de buffer basado en pila en la implementación de SET_WPS_IE IOCTL en wlan_hdd_hostapd.c en el controlador WLAN (también conocido como Wi-Fi) para... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0571
https://notcve.org/view.php?id=CVE-2015-0571
09 May 2016 — The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c. El controlador WLAN (también conocido como Wi-Fi) para el kernel de Linux 3.x y 4.x, según se utiliza en Qualcomm Innovation Center (QuIC) Android contributions for MSM... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2016-2853 – AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-2853
02 May 2016 — The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program. El módulo aufs para el kernel de Linux 3.x y 4.x no restringe correctamente el espacio de nombres de montaje, lo que permite a usuarios locales obtener privilegos montando un sistema de archivos aufs sobre un sistema de archivos FUSE y luego ejecutando un programa s... • https://packetstorm.news/files/id/141914 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2016-2854 – AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-2854
02 May 2016 — The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory. El módulo aufs para el kernel de Linux 3.x y 4.x no mantiene correctamente datos POSIX ACL xattr, lo que permite a usuarios locales obtener privilegos aprovechando un directorio con permiso de escritura de grupo setgid. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not proper... • https://packetstorm.news/files/id/141914 • CWE-269: Improper Privilege Management •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 2CVE-2015-0569 – Linux Kernel 3.x/4.x - prima WLAN Driver Heap Overflow
https://notcve.org/view.php?id=CVE-2015-0569
25 Jan 2016 — Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter. Desbordamiento de buffer basado en memoria dinámica en la implementación de extensiones de wireless privadas IOCTL en wlan_hdd_wext.c en el contro... • https://packetstorm.news/files/id/135372 • CWE-787: Out-of-bounds Write •