CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-15852
https://notcve.org/view.php?id=CVE-2020-15852
20 Jul 2020 — An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154. Se detectó un problema en el kernel de Linux versiones 5.5 hasta 5.7.9, como es usado en Xen versiones hasta 4.13.x para invitados PV x86. Un atacante puede otorgar los permi... • http://www.openwall.com/lists/oss-security/2020/07/21/2 • CWE-276: Incorrect Default Permissions •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1CVE-2020-15780 – kernel: lockdown: bypass through ACPI write via acpi_configfs
https://notcve.org/view.php?id=CVE-2020-15780
15 Jul 2020 — An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. Se detectó un problema en el archivo drivers/acpi/acpi_configfs.c en el kernel de Linux versiones anteriores a 5.7.7. Una inyección de tablas ACPI maliciosas por medio de configfs podría ser usada por atacantes para omitir el bloqueo y asegurar las restricciones de arranque, ... • https://github.com/Annavid/CVE-2020-15780-exploit • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-15393
https://notcve.org/view.php?id=CVE-2020-15393
29 Jun 2020 — In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. En el kernel de Linux versión 4.4 hasta la versión 5.7.6, la función usbtest_disconnect en el archivo drivers/usb/misc/usbtest.c presenta una pérdida de memoria, también se conoce como CID-28ebeb8db770 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 2CVE-2020-10757 – kernel: kernel: DAX hugepages not considered during mremap
https://notcve.org/view.php?id=CVE-2020-10757
09 Jun 2020 — A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. Se encontró un fallo en el kernel de Linux en las versiones posteriores a 4.5-rc1, en la manera en que mremap manejó DAX Huge Pages. Este fallo permite a un atacante local con acceso a un almacenamiento habilitado para DAX escalar sus privilegios en el sistema A flaw was found in the way mre... • https://github.com/ShaikUsaf/linux-4.19.72_CVE-2020-10757 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2020-13974 – kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
https://notcve.org/view.php?id=CVE-2020-13974
09 Jun 2020 — An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. Se detectó un problema en el kernel de Linux versión 4.4 hasta la versión 5.7.1. En el archivo drivers/tty/vt/keyboard.c presenta un desbordamiento de enteros si se llama a la función k_ascii varias veces seguidas, tambié... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.9EPSS: 0%CPEs: 20EXPL: 0CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
12 May 2020 — A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NU... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 1CVE-2019-19448
https://notcve.org/view.php?id=CVE-2019-19448
08 Dec 2019 — In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. En el kernel de Linux versiones 5.0.21 y 5.3.11, montando una imagen de sistema de archivos btrfs diseñada, al realizar algunas operaciones y luego haciendo una llamada de sistem... • https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 0CVE-2014-0069 – kernel: cifs: incorrect handling of bogus user pointers during uncached writes
https://notcve.org/view.php?id=CVE-2014-0069
28 Feb 2014 — The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer. La función cifs_iovec_write en fs/cifs/file.c en el kernel de Linux hasta 3.13.5 no maneja debidamente opera... • http://article.gmane.org/gmane.linux.kernel.cifs/9401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
21 Dec 2001 — Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-1999-1346
https://notcve.org/view.php?id=CVE-1999-1346
07 Oct 1999 — PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. • http://marc.info/?l=bugtraq&m=93942774609925&w=2 •