CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2016-0758 – kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
https://notcve.org/view.php?id=CVE-2016-0758
12 May 2016 — Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Desbordamiento de entero en lib/asn1_decoder.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios a través de datos ASN.1 manipulados. A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 c... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0570
https://notcve.org/view.php?id=CVE-2015-0570
09 May 2016 — Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. Desbordamiento de buffer basado en pila en la implementación de SET_WPS_IE IOCTL en wlan_hdd_hostapd.c en el controlador WLAN (también conocido como Wi-Fi) para... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0571
https://notcve.org/view.php?id=CVE-2015-0571
09 May 2016 — The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c. El controlador WLAN (también conocido como Wi-Fi) para el kernel de Linux 3.x y 4.x, según se utiliza en Qualcomm Innovation Center (QuIC) Android contributions for MSM... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 11%CPEs: 14EXPL: 1CVE-2016-3955 – Ubuntu Security Notice USN-3002-1
https://notcve.org/view.php?id=CVE-2016-3955
09 May 2016 — The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet. La función usbip_recv_xbuff en drivers/usb/usbip/usbip_common.c en el kernel de Linux en versiones anteriores a 4.5.3 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o posiblemente tener otro impacto no e... • https://github.com/pqsec/uboatdemo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2016-4557 – Linux Kernel 4.4 (Ubuntu 16.04) - 'BPF' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-4557
03 May 2016 — The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor. La función replace_map_fd_with_map_ptr en kernel/bpf/verifier.c en el kernel de Linux en versiones anteriores a 4.5.5 no mantiene correctamente una estructura de datos fd, lo que permite a usuarios lo... • https://packetstorm.news/files/id/136905 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2053 – kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()
https://notcve.org/view.php?id=CVE-2016-2053
02 May 2016 — The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c. La función asn1_ber_decoder en lib/asn1_decoder.c en el kernel de Linux en versiones anteriores a 4.3 permite a atacantes provocar una denegación de servicio (pánico) a través de un archivo ASN.1 BER que carece de clave p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f • CWE-228: Improper Handling of Syntactically Invalid Structure CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4176
https://notcve.org/view.php?id=CVE-2015-4176
02 May 2016 — fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory. fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.2 no soporta correctamente conectividad de montaje, lo que permite a usuarios locales leer archivos arbitrarios aprovechando acceso root al espacio de nombres de usuario para eliminar un archivo o directorio. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2015-8746 – kernel: when NFSv4 migration is executed, kernel oops occurs at NFS client
https://notcve.org/view.php?id=CVE-2015-8746
02 May 2016 — fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic. fs/nfs/nfs4proc.c en el cliente NFS en el kernel de Linux en versiones anteriores a 4.2.2 no inicializa memoria correctamente para operaciones de recuperación de migración, lo que permite a servidores NFS remotos provocar una denegación de servi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-2070
https://notcve.org/view.php?id=CVE-2016-2070
02 May 2016 — The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. La función tcp_cwnd_reduction en net/ipv4/tcp_input.c en el kernel de Linux en versiones anteriores a 4.3.5 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de sistema) a través de tráfico TCP manipulado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b8a321ff72c785ed5e8b4cf6eda20b35d427390 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4177
https://notcve.org/view.php?id=CVE-2015-4177
02 May 2016 — The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call. La función collect_mounts en fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.5 no considera correctamente que se pueda ejecutar después de que una ruta sea desmontada, lo que permite a ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae •