CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-7145 – Kernel: cifs: NULL pointer dereference in SMB2_tcon
https://notcve.org/view.php?id=CVE-2014-7145
28 Sep 2014 — The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. La función SMB2_tcon en fs/cifs/smb2pdu.c en el kernel de Linux anterior a 3.16.3 permite a servidores remotos CIFS causar una denegación de servicio (referencia a puntero nulo y caída del sistema cliente) o posiblemente t... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 1CVE-2014-6410 – kernel: udf: Avoid infinite loop when processing indirect ICBs
https://notcve.org/view.php?id=CVE-2014-6410
28 Sep 2014 — The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. La función __udf_read_inode en fs/udf/inode.c en el kernel de Linux hasta 3.16.3 no restringe la cantidad de indirección ICB, lo que permite a atacantes físicamente próximos causar una denegación de servicio (bucle infinito o c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c03aa9f6e1f938618e6db2e23afef0574efeeb65 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 2%CPEs: 8EXPL: 3CVE-2014-6416
https://notcve.org/view.php?id=CVE-2014-6416
28 Sep 2014 — Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. Desbordamiento de buffer en net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y panic) o posiblemente tener otro impacto no especificado a través de ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 1CVE-2014-6417
https://notcve.org/view.php?id=CVE-2014-6417
28 Sep 2014 — net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no considera debidamente la posibilidad de fallos de kmalloc, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 4%CPEs: 8EXPL: 3CVE-2014-6418
https://notcve.org/view.php?id=CVE-2014-6418
28 Sep 2014 — net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no valida debidamente las respuestas de autor válidas, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posib... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2014-0205 – kernel: futex: refcount issue in case of requeue
https://notcve.org/view.php?id=CVE-2014-0205
11 Sep 2014 — The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count. La función futex_wait en kernel/futex.c en el kernel de Linux anterior a 2.6.37 no mantiene debidamente cierta cuenta de referencias durante las operaciones de rehacer colas, lo que perm... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ada876a8703f23befbb20a7465a702ee39b1704 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 20EXPL: 2CVE-2014-3535 – Kernel: netdevice.h: NULL pointer dereference over VxLAN
https://notcve.org/view.php?id=CVE-2014-3535
11 Sep 2014 — include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface. include/linux/netdevice.h en el kernel de Linux anterior a 2.6.36 utiliza incorrectamente los macros para netdev_printk y su implementación de registro relacionada, lo que permite a atacantes remotos causar una denegac... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=256df2f3879efdb2e9808bdb1b54b16fbb11fa38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2014-3601 – kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()
https://notcve.org/view.php?id=CVE-2014-3601
01 Sep 2014 — The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. La función kvm_iommu_map_pages en virt/kvm/iommu.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 • CWE-189: Numeric Errors •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2014-5471 – kernel: isofs: unbound recursion when processing relocated directories
https://notcve.org/view.php?id=CVE-2014-5471
01 Sep 2014 — Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. Vulnerabilidad de consumo de pila en la función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux hasta 3.16.1 permite a usuarios locales causar una denegació... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2014-5472 – kernel: isofs: unbound recursion when processing relocated directories
https://notcve.org/view.php?id=CVE-2014-5472
01 Sep 2014 — The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. La función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux hasta 3.16.1 permite a usuarios locales causar una denegación de servicio (un proceso de montaje imparable) a través de un imagen iso9660 manipulado con una entrada CL de auto referencia. It w... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4 • CWE-20: Improper Input Validation •