CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 14CVE-2016-0728 – Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-0728
19 Jan 2016 — The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. La función join_session_keyring en security/keys/process_keys.c en el kernel de Linux en versiones anteriores a 4.4.1 no maneja correctamente referencias a objetos en un cierto caso de error, lo que permite a usuarios l... • https://packetstorm.news/files/id/135330 • CWE-416: Use After Free •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8575 – Ubuntu Security Notice USN-2907-1
https://notcve.org/view.php?id=CVE-2015-8575
05 Jan 2016 — The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. La función sco_sock_bind en net/bluetooth/sco.c en el kernel de Linux en versiones anteriores a 4.3.4 no verifica la longitud de una dirección, lo que permite a usuarios locales obtener información sensible de la memoria del kernel y eludir el mecan... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7550 – Ubuntu Security Notice USN-2911-2
https://notcve.org/view.php?id=CVE-2015-7550
05 Jan 2016 — The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls. La función keyctl_read_key en security/keys/keyctl.c en el kernel de Linux en versiones anteriores a 4.3.4 no utiliza adecuadamente un semáforo, l... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8709 – Debian Security Advisory 3434-1
https://notcve.org/view.php?id=CVE-2015-8709
05 Jan 2016 — kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here. ** DISPUTADA ** kernel/ptrace.c en el kernel de Linux hasta la versión 4.4.1 no maneja correctamente el mapeo uid y gid, lo que permite a usuarios locales obtener privilegios estab... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2015-7513 – Ubuntu Security Notice USN-2889-2
https://notcve.org/view.php?id=CVE-2015-7513
05 Jan 2016 — arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions. arch/x86/kvm/x86.c en el kernel de Linux en versiones anteriores a 4.4 no reinicia los valores del contador PIT durante la restauración del estado, lo que permite a usuarios invitados del SO provocar una deneg... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8 • CWE-369: Divide By Zero •
CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8569 – Ubuntu Security Notice USN-2907-1
https://notcve.org/view.php?id=CVE-2015-8569
28 Dec 2015 — The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. Las funciones (1) pptp_bind y (2) pptp_connect en drivers/net/ppp/pptp.c en el kernel de Linux hasta la versión 4.3.3 no verifican la longitud de una dirección, lo que permite a usuarios locales obtener información sensible d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 8CVE-2015-8660 – Linux Kernel (Ubuntu / Fedora / RedHat) - 'Overlayfs' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-8660
28 Dec 2015 — The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. La función ovl_setattr en fs/overlayfs/inode.c en el kernel de Linux hasta la versión 4.3.3 trata de fusionar distintas operaciones setattr, lo que permite a usuarios locales eludir las restricciones destinadas al acceso y modificar los a... • https://packetstorm.news/files/id/135151 • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.0EPSS: 0%CPEs: 15EXPL: 0CVE-2015-8551 – Ubuntu Security Notice USN-2846-1
https://notcve.org/view.php?id=CVE-2015-8551
20 Dec 2015 — The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks." El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 9EXPL: 1CVE-2015-8543 – kernel: IPv6 connect causes DoS via NULL pointer dereference
https://notcve.org/view.php?id=CVE-2015-8543
18 Dec 2015 — The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. La implementación de redes en el kernel de Linux hasta la versión 4.3.3, tal como se utiliza en Android y otros productos, n... • https://github.com/bittorrent3389/CVE-2015-8543_for_SLE12SP1 • CWE-476: NULL Pointer Dereference •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 4CVE-2013-7446 – Ubuntu Security Notice USN-2889-2
https://notcve.org/view.php?id=CVE-2013-7446
18 Dec 2015 — Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. Vulnerabilidad de uso después de la liberación de la memoria en net/unix/af_unix.c en el kernel de Linux en versiones anteriores a 4.3.3 permite a usuarios locales eludir los permisos destinados al socket AF_UNIX o provocar una denegación de servicio (panic) a través de llamadas epoll_ctl manipul... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c •