CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2016-4470 – kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path
https://notcve.org/view.php?id=CVE-2016-4470
27 Jun 2016 — The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. La función key_reject_and_link en security/keys/key.c en el kernel de Linux hasta la versión 4.6.3 no asegura que cierta estructura de datos esté inicializada, lo que permite a usuarios locales provocar una denegación de servicio (caí... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a • CWE-253: Incorrect Check of Function Return Value •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2066
https://notcve.org/view.php?id=CVE-2016-2066
13 Jun 2016 — Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application that makes an ioctl call. Error de entero sin signo en el controlador de audio MSM QDSP6 para el kernel de Linux 3.x, según se utiliza en contribuciones Android Qualcomm Innovation Center (QuIC) para dispositivos MSM ... • http://source.android.com/security/bulletin/2016-06-01.html • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2061
https://notcve.org/view.php?id=CVE-2016-2061
13 Jun 2016 — Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call. Error de entero sin signo en el controlador de video MSM V4L2 para el kernel de Linux 3.x, según se utiliza en contribuciones Android Qualcomm Innovat... • http://source.android.com/security/bulletin/2016-06-01.html • CWE-269: Improper Privilege Management •
CVSS: 8.1EPSS: 0%CPEs: 22EXPL: 1CVE-2016-1583 – Linux Kernel - 'ecryptfs' '/proc/$pid/environ' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-1583
10 Jun 2016 — The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. La función ecryptfs_privileged_open en fs/ecryptfs/kthread.c en el kernel de Linux en versiones anteriores a 4.6.3 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (consumo de memoria... • https://www.exploit-db.com/exploits/39992 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-4581 – kernel: Slave being first propagated copy causes oops in propagate_mnt
https://notcve.org/view.php?id=CVE-2016-4581
23 May 2016 — fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls. fs/pnode.c en el kernel de Linux en versiones anteriores a 4.5.4 no cruza adecuadamente la propagación del montaje de árbol en un determinado caso implicando un montaje esclavo, lo que permite a usuarios locales provocar una denegación de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4568
https://notcve.org/view.php?id=CVE-2016-4568
23 May 2016 — drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call. drivers/media/v4l2-core/videobuf2-v4l2.c en el kernel de Linux en versiones anteriores a 4.5.3 permite a usuarios locales provocar una denegación de servicio (operación de escritura en la memoria del kernel) o posiblemente tener otro impacto no especifica... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c1f6951a8a82e6de0d82b1158b5e493fc6c54ab • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 1CVE-2016-4558 – Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
https://notcve.org/view.php?id=CVE-2016-4558
23 May 2016 — The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count. El subsistema BPF en el kernel de Linux en versiones anteriores a 4.5.5 no maneja correctamente las cuentas de referencia, lo que permite a usuarios... • https://www.exploit-db.com/exploits/39773 •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2016-4569 – kernel: Information leak in Linux sound module in timer.c
https://notcve.org/view.php?id=CVE-2016-4569
23 May 2016 — The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. La función snd_timer_user_params en sound/core/timer.c en el kernel de Linux hasta la versión 4.6 no inicializa una estructura de datos determinada, lo que permite a usuarios locales obtener información sensible del kernel de memoria de pila a través... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-4565 – kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
https://notcve.org/view.php?id=CVE-2016-4565
23 May 2016 — The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. La memoria de pila InfiniBand (también conocida como IB) en el kernel de Linux en versiones anteriores a 4.5.3 confía incorrectamente en llamadas al sistema de escritura, lo que permite a usuarios locales provocar una denegación de servicio (operación de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2016-4794 – kernel: Use after free in array_map_alloc
https://notcve.org/view.php?id=CVE-2016-4794
23 May 2016 — Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls. Vulnerabilidad de uso después de liberación de memoria en el kernel de Linux hasta la versión 4.6 permite a usuarios locales provocar una denegación de servicio (BUG) o posiblemente tener otro impacto no especificado a través del uso manipulado de llamadas de sistema mmap y bpf. Use after ... • http://rhn.redhat.com/errata/RHSA-2016-2574.html • CWE-416: Use After Free •