CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-9644 – kernel: crypto api unprivileged arbitrary module load via request_module()
https://notcve.org/view.php?id=CVE-2014-9644
26 Feb 2015 — The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421. La API Crypto en el kernel de Linux anterior a 3.18.5 permite a usuarios locales cargar módulos del kernel arbitrarios a través de una llamada al sistema de enlaces para un socket AF_ALG con una expresión... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4943ba16bbc2db05115707b3ff7b4874e9e3c560 • CWE-269: Improper Privilege Management CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2014-8160 – kernel: iptables restriction bypass if a protocol handler kernel module not loaded
https://notcve.org/view.php?id=CVE-2014-8160
26 Feb 2015 — net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. net/netfilter/nf_conntrack_proto_generic.c en el kernel de Linux anterior a 3.18 genera entradas conntrack incorrectas durante el manejo de ciertos juegos de reglas iptables para los protocolos... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 1CVE-2015-0239 – kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code
https://notcve.org/view.php?id=CVE-2015-0239
26 Feb 2015 — The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction. La función em_sysenter en arch/x86/kvm/emulate.c en el kernel de Linux anterior a 3.18.5, cuando al sistema operativo invitado le falta la inicialización SYSENTER MSR, permite a usuarios del si... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3747379accba8e95d70cec0eae0582c8c182050 • CWE-269: Improper Privilege Management CWE-391: Unchecked Error Condition •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-1593 – kernel: Linux stack ASLR implementation Integer overflow
https://notcve.org/view.php?id=CVE-2015-1593
16 Feb 2015 — The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c. La característica de aleatoriedad de la pila en el Kernel de Linux anterior a 3.19.1 en plataformas... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2014-5332
https://notcve.org/view.php?id=CVE-2014-5332
06 Feb 2015 — Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. Condición de carrera en NVMap en NVIDIA Tegra Linux Kernel 3.10 permite a usuarios locales obtener privilegios a través de una llamada IOCTL NVMAP_IOC_CREATE manipulada, lo que desencadena un error de uso después de liberación de memoria, según lo demostrado med... • http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2014-7822 – Linux Kernel 3.13/3.14 (Ubuntu) - 'splice()' System Call Local Denial of Service
https://notcve.org/view.php?id=CVE-2014-7822
29 Jan 2015 — The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. La implementación de ciertas operaciones de archivo splice_write en el kernel de Linux anterior a 3.16 no fuerza una restricció... • https://www.exploit-db.com/exploits/36743 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 39EXPL: 0CVE-2014-9529 – kernel: use-after-free during key garbage collection
https://notcve.org/view.php?id=CVE-2014-9529
09 Jan 2015 — Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. Condición de carrera en la función key_gc_unused_keys en security/keys/gc.c en el kernel de Linux hasta 3.18.2 permite a usuarios locales causar una denegación de servicio (corrupción ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a3a8784454692dd72e5d5d34dcdab17b4420e74c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 41EXPL: 0CVE-2014-9584 – kernel: isofs: unchecked printing of ER records
https://notcve.org/view.php?id=CVE-2014-9584
09 Jan 2015 — The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image. La función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux anterior a 3.18.2 no valida un valor de longitud en el campo Extensions Reference (ER) System Use, lo que permite a usuarios locales obtener ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e2024624e678f0ebb916e6192bd23c1f9fdf696 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 1CVE-2014-9585 – kernel: ASLR bruteforce possible for vdso library
https://notcve.org/view.php?id=CVE-2014-9585
09 Jan 2015 — The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD. La función vdso_addr en arch/x86/vdso/vma.c en el kernel de Linux hasta 3.18.2 no elige correctamente localizaciones de memoria para la área vDSO, lo que facilita a usuarios locales evadir el mecanismo de protección ASLR mediante la adivinación de ... • http://git.kernel.org/?p=linux/kernel/git/luto/linux.git%3Ba=commit%3Bh=bc3b94c31d65e761ddfe150d02932c65971b74e2 •
CVSS: 7.8EPSS: 8%CPEs: 3EXPL: 0CVE-2014-9428
https://notcve.org/view.php?id=CVE-2014-9428
02 Jan 2015 — The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets. La función batadv_frag_merge_packets en net/batman-adv/fragmentation.c en la implementación B.A.T.M.A.N. en el kernel de Linux hasta 3.18.1 utiliza un campo de longitud incorrecto duran... • http://bugs.debian.org/774155 • CWE-399: Resource Management Errors •