CVSS: 9.8EPSS: 41%CPEs: 14EXPL: 0CVE-2015-5364 – kernel: net: incorrect processing of checksums in UDP implementation
https://notcve.org/view.php?id=CVE-2015-5364
23 Jul 2015 — The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, no considera adecuadamente ceder un procesador, lo que permite a atacantes remotos causar una denegación de servicio (colgado del sis... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 39%CPEs: 2EXPL: 0CVE-2015-5366 – kernel: net: incorrect processing of checksums in UDP implementation
https://notcve.org/view.php?id=CVE-2015-5366
23 Jul 2015 — The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, proporcionan valores de retorno -EAGAIN inapropiados, lo que permite a ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-5321 – Kernel: tty: driver reference leakage in tty_open
https://notcve.org/view.php?id=CVE-2011-5321
16 Jul 2015 — The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory. La función tty_open en drivers/tty/tty_io.c en el kernel de Linux en versiones anteriores a 3.1.1 no maneja adecuadamente un fallo de búsqueda de controlador, lo que permite a usuarios locale... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4700 – kernel: Crafted BPF filters may crash kernel during JIT optimisation
https://notcve.org/view.php?id=CVE-2015-4700
07 Jul 2015 — The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. Vulnerabilidad en la función bpf_int_jit_compile en arch/x86/net/bpf_jit_comp.c en el kernel de Linux en versiones anteriores a 4.0.6, permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la cre... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1573 – kernel: panic while flushing nftables rules that reference deleted chains.
https://notcve.org/view.php?id=CVE-2015-1573
23 Jun 2015 — The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. La función nft_flush_table en net/netfilter/nf_tables_api.c en el kernel de Linux en versiones anteriores a 3.18.5 no maneja adecuadamente la interacción entre saltos cross-chain y borrado de conjuntos de reglas, lo que permite a usuari... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac • CWE-19: Data Processing Errors CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 10CVE-2015-1328 – Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-1328
15 Jun 2015 — The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. La implementación de overlayfs en el paquete linux (también conocido como kernel Linux) en versiones anteriores a 3.19.0-21.21 en Ubuntu hasta la versión 15.04 no compr... • https://www.exploit-db.com/exploits/40688 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4167
https://notcve.org/view.php?id=CVE-2015-4167
10 Jun 2015 — The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. Vulnerabilidad en la función udf_read_inode en fs/udf/inode.c en el kernel de Linux en versiones anteriores a 3.19.1, no valida determinados valores de longitud, lo que permite a usuarios locales provocar una denegación de servicio (representaci... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23b133bdc452aa441fcb9b82cbf6dd05cfd342d0 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0275 – kernel: fs: ext4: fallocate zero range page size > block size BUG()
https://notcve.org/view.php?id=CVE-2015-0275
10 Jun 2015 — The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. La función ext4_zero_range en fs/ext4/extents.c en el kernel de Linux en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio (BUG) a través de una petición de rango cero a fallocate manipulada. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2af21aae11972fa924374ddcf52e88347cf5a8 • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 7CVE-2015-3636 – kernel: ping sockets: use-after-free leading to local privilege escalation
https://notcve.org/view.php?id=CVE-2015-3636
10 Jun 2015 — The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. Vulnerabilidad en la función ping_unhash en net/ipv4/ping.c en el kernel de L... • https://github.com/fi01/CVE-2015-3636 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 1CVE-2015-4036
https://notcve.org/view.php?id=CVE-2015-4036
10 Jun 2015 — Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced. Vulnerabilidad de error de índice de Array en la función tcm_vhost_make_tpg en drivers/vhost/scsi.c en el kernel de Linux en versione... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=59c816c1f24df0204e01851431d3bab3eb76719c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •