Page 339 of 2853 results (0.017 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2018-13094 – kernel: NULL pointer dereference in xfs_da_shrink_inode function

https://notcve.org/view.php?id=CVE-2018-13094

An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. Se ha descubierto un problema en fs/xfs/libxfs/xfs_attr_leaf.c en el kernel de Linux hasta la versión 4.17.3. Puede ocurrir un OOPS para una imagen xfs corrupta después de que se llame a xfs_da_shrink_inode() con un bp NULL. An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. • https://access.redhat.com/errata/RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://bugzilla.kernel.org/show_bug.cgi?id=199969 https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a https://github.com/torvalds/linux/commit/bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/3752-1 https • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-13097

https://notcve.org/view.php?id=CVE-2018-13097

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG). Se ha descubierto un problema en fs/f2fs/super.c en el kernel de Linux hasta la versión 4.17.3. Existe una error de lectura fuera de límites o de división entre cero para un user_block_count incorrecto en una imagen f2fs corrupta, conduciendo a una denegación de servicio (BUG). • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://bugzilla.kernel.org/show_bug.cgi?id=200171 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9dc956b2c8523aed39d1e6508438be9fea28c8fc https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://seclists.org/bugtraq/2019/Jan/52 https://usn.ubuntu.com/3932-1 https:/&#x • CWE-125: Out-of-bounds Read CWE-369: Divide By Zero •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

CVE-2018-12896

https://notcve.org/view.php?id=CVE-2018-12896

An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. • https://bugzilla.kernel.org/show_bug.cgi?id=200189 https://github.com/lcytxw/bug_repro/tree/master/bug_200189 https://github.com/torvalds/linux/commit/78c9c4dfbf8c04883941445a195276bb4bb92c76 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html https://usn.ubuntu.com/3847-1 https://usn.ubuntu.com/3847-2 https://usn.ubuntu.com/3847- • CWE-190: Integer Overflow or Wraparound •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-13053 – kernel: Integer overflow in the alarm_timer_nsleep function

https://notcve.org/view.php?id=CVE-2018-13053

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. La función alarm_timer_nsleep en kernel/time/alarmtimer.c en el kernel de Linux hasta la versión 4.17.3 tiene un desbordamiento de enteros a través de un tiempo de espera relativo grande porque no se utiliza ktime_add_safe. A flaw was found in the alarm_timer_nsleep() function in kernel/time/alarmtimer.c in the Linux kernel. The ktime_add_safe() function is not used and an integer overflow can happen causing an alarm not to fire or possibly a denial-of-service if using a large relative timeout. • http://www.securityfocus.com/bid/104671 https://access.redhat.com/errata/RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://bugzilla.kernel.org/show_bug.cgi?id=200303 https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https • CWE-190: Integer Overflow or Wraparound •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 2

CVE-2018-12904 – KVM (Nested Virtualization) - L1 Guest Privilege Escalation

https://notcve.org/view.php?id=CVE-2018-12904

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. En arch/x86/kvm/vmx.c en el kernel de Linux en versiones anteriores a la 4.17.2, cuando se emplea la virtualización anidada, los atacantes locales podrían hacer que los invitados L1 KVM realizasen un VMEXIT, permitiendo escalados de privilegios y ataques de denegación de servicio (DoS) debido a la falta de comprobación de CPL. • https://www.exploit-db.com/exploits/44944 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=727ba748e110b4de50d142edca9d6a9b7e6111d8 https://bugs.chromium.org/p/project-zero/issues/detail?id=1589 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.2 https://github.com/torvalds/linux/commit/727ba748e110b4de50d142edca9d6a9b7e6111d8 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 •