Page 347 of 2942 results (0.018 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used. En fs/ocfs2/cluster/nodemanager.c en el kernel de Linux, en versiones anteriores a la 4.15, los usuarios locales pueden provocar una denegación de servicio (desreferencia de puntero NULL y error) debido a que no se emplea un mutex requerido. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=853bc26a7ea39e354b9f8889ae7ad1492ffa28d2 http://www.securityfocus.com/bid/103278 https://github.com/torvalds/linux/commit/853bc26a7ea39e354b9f8889ae7ad1492ffa28d2 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://usn.ubuntu.com/3776-1 https://usn.ubuntu.com/3776-2 https://usn.ubuntu.com/3798-1 https://usn.ubuntu.com/3798-2 https://www.debian.org/security/2018/dsa-4187 https://www.d • CWE-476: NULL Pointer Dereference •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c. El subsistema netfilter en el kernel de Linux, hasta la versión 4.15.7, gestiona de manera incorrecta el caso de una regla blob que contiene un salto pero carece de una cadena definida por el usuario. Esto permite que usuarios locales provoquen una denegación de servicio (DoS) aprovechando las capacidades CAP_NET_RAW o CAP_NET_ADMIN, relacionadas con arpt_do_table en net/ipv4/netfilter/arp_tables.c, ipt_do_table en net/ipv4/netfilter/ip_tables.c y ip6t_do_table en net/ipv6/netfilter/ip6_tables.c. A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 http://lists.openwall.net/netdev/2018/01/27/46 http://patchwork.ozlabs.org/patch/870355 http://www.securitytracker.com/id/1040446 https://access.redhat.com/errata/RHSA-2018:2948 https://bugzilla.redhat.com/show_bug.cgi?id=1547824 https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https: • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. El kernel de Linux, en versiones anteriores a la 4.11, es vulnerable a una desreferencia de puntero NULL en fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() que permite que un atacante que controla un servidor CIFS provoque un pánico en un cliente con el servidor montado, debido a que un campo TargetInfo en una respuesta de negociación de instalación NTLMSSP se gestiona de manera incorrecta durante la recuperación de sesión. A flaw was found in the Linux kernel's client-side implementation of the cifs protocol. This flaw allows an attacker controlling the server to kernel panic a client which has the CIFS server mounted. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb http://www.securityfocus.com/bid/103378 https://bugzilla.redhat.com/show_bug.cgi?id=1539599 https://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://patchwork.kernel.org/patch/10187633 https://usn.ubuntu.com/3880-1 https:&#x • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. En el kernel de Linux en versiones anteriores a la 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51 y 3.2.102, un error en la función "_sctp_make_chunk()" (net/sctp/sm_make_chunk.c) al gestionar el tamaño de paquetes SCTP puede explotarse para provocar un cierre inesperado del kernel. An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS. • https://access.redhat.com/errata/RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0641 https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25 https://cdn.kernel.org/p • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. La función madvise_willneed en mm/madvise.c en el kernel de Linux, en versiones anteriores a la 4.14.4, permite que usuarios locales provoquen una denegación de servicio (bucle infinito) desencadenando el uso de MADVISE_WILLNEED para un mapeo DAX. The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:3967 https://access.redhat.com/errata/RHSA-2019:4057 https://access.redhat.com/errata/RHSA-2019:4058 https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91 https://usn.u • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •