CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2018-16871 – kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence
https://notcve.org/view.php?id=CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. Se detectó un fallo en la implementación de NFS del kernel de Linux, todas las versiones 3.x y todas las versiones 4.x hasta 4.20. • https://access.redhat.com/errata/RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2020:0740 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871 https://security.netapp.com/advisory/ntap-20211004-0002 https://support.f5.com/csp/article/K18657134 https://support.f5.com/csp/article/K18657134?utm_source=f5support&%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2018-16871 https://bugzilla.redhat.com/show_b • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-5327
https://notcve.org/view.php?id=CVE-2011-5327
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. En el kernel de Linux anterior a versión 3.1, un problema por un paso en el archivo drivers/target/loopback/tcm_loop.c en la función tcm_loop_make_naa_tpg() podría causar, como mínimo, una corrupción de memoria. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12f09ccb4612734a53e47ed5302e0479c10a50f8 https://github.com/torvalds/linux/commit/12f09ccb4612734a53e47ed5302e0479c10a50f8 https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://support.f5.com/csp/article/K42315210 https://support.f5.com/csp/article/K42315210?utm_source=f5support&%3Butm_medium=RSS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6712
https://notcve.org/view.php?id=CVE-2012-6712
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. En el kernel de Linux anterior a versión 3.4, ocurre un desbordamiento de búfer en el archivo drivers/net/wireless/iwlwifi/iwl-agn-sta.c, que causará al menos una corrupción de memoria. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4 https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4 https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9289 – kernel: out of bound read in DVB connexant driver.
https://notcve.org/view.php?id=CVE-2015-9289
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23. En el kernel de Linux anterior a versión 4.1.4, ocurre un desbordamiento de búfer cuando se comprueban los parámetros username en el archivo drivers/media/dvb-frontends/cx24116.c. El tamaño máximo para un comando DiSEqC es 6, según la API de username. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fa2337a315a2448c5434f41e00d56b01a22283c https://github.com/torvalds/linux/commit/1fa2337a315a2448c5434f41e00d56b01a22283c https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 https://access.redhat.com/security/cve/CVE-2015-9289 https://bugzilla.redhat.com/show_bug.cgi?id=1735655 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14284
https://notcve.org/view.php?id=CVE-2019-14284
In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https& • CWE-369: Divide By Zero •