Page 35 of 923 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2017-17806 – kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service

https://notcve.org/view.php?id=CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization. La implementación HMAC (crypto/hmac.c) en el kernel de Linux en versiones anteriores a la 4.14.8 no valida que el algoritmo de hash criptográfico subyacente no tenga clave, lo que permite que un atacante local capaz de utilizar la interfaz hash basada en AF_ALG (CONFIG_CRYPTO_USER_API_HASH) y el algoritmo hash basado en SHA-3 (CONFIG_CRYPTO_SHA3) provoque un desbordamiento de búfer de pila de kernel ejecutando una secuencia manipulada de llamadas al sistema para encontrar una inicialización SHA-3 ausente. The HMAC implementation (crypto/hmac.c) in the Linux kernel, before 4.14.8, does not validate that the underlying cryptographic hash algorithm is unkeyed. This allows a local attacker, able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3), to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html http://www.securityfocus. • CWE-391: Unchecked Error Condition CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2017-17805 – kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service

https://notcve.org/view.php?id=CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. El algoritmo de cifrado Salsa20 en el kernel de Linux en versiones anteriores a la 4.14.8 no maneja correctamente las entradas de longitud cero, lo que permite a un atacante local capaz de utilizar la interfaz skcipher basada en AF_ALG (CONFIG_CRYPTO_USER_API_SKCIPHER) provocar una denegación de servicio (liberación de memoria no inicializada y fallo del kernel) o provocar otro impacto no especificado ejecutando una secuencia manipulada de llamadas al sistema que utilizan la API blkcipher_walk. Tanto la implementación genérica (crypto/salsa20_generic.c) como la implementación x86 (arch/x86/crypto/salsa20_glue.c) de Salsa20 eran vulnerables. The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ecaaab5649781c5a0effdaf298a925063020500e http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html http://www.securityfocus. • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0

CVE-2016-9398

https://notcve.org/view.php?id=CVE-2016-9398

The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función jpc_floorlog2 en jpc_math.c en JasPer en versiones anteriores a 1.900.17 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94382 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat • CWE-617: Reachable Assertion •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-1602

https://notcve.org/view.php?id=CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root). Una inyección de código code injection en la herramienta de recogida de datos supportconfig en supportutils en SUSE Linux Enterprise Server 12 y 12-SP1 y SUSE Linux Enterprise Desktop 12 y 12-SP1 podría ser utilizada por atacantes locales para ejecutar código como el usuario que ejecuta supportconfig (usualmente root). • http://lists.suse.com/pipermail/sle-security-updates/2016-June/002096.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.5EPSS: 1%CPEs: 16EXPL: 0

CVE-2014-9845

https://notcve.org/view.php?id=CVE-2014-9845

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. La función ReadDIBImage en coders/dib.c en ImageMagick permite a atacantes provocar una denegación de servicio (caída) a través de un archivo dib corrompido. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •