CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-1420
https://notcve.org/view.php?id=CVE-2015-1420
26 Feb 2015 — Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function. Condición de carrera en la función handle_to_path en fs/fhandle.c en el Kernel de Linux a través de 3.19.1 permite a usuarios locales evadir las restricciones del tamaño y lanzar operaciones de lectura en ubic... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 3%CPEs: 12EXPL: 0CVE-2015-1421 – kernel: net: slab corruption from use after free on INIT collisions
https://notcve.org/view.php?id=CVE-2015-1421
26 Feb 2015 — Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data. Vulnerabilidad de uso después de liberación en la función sctp_assoc_update en net/sctp/associola.c en el Kernel de Linux anterior a 3.18.8 permite a atacantes remotos causar una deneg... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=600ddd6825543962fb807884169e57b580dba208 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-9683 – kernel: buffer overflow in eCryptfs
https://notcve.org/view.php?id=CVE-2014-9683
26 Feb 2015 — Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename. Error de superación de límite (off-by-one) en la función ecryptfs_decode_from_filename en fs/ecryptfs/crypto.c en el subsistema eCryptfs en el kernel de Linux anterior a 3.18.2 permite a usuarios locales causar una denegación de s... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=942080643bce061c3dd9d5718d3b745dcb39a8bc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2013-7421 – kernel: crypto api unprivileged arbitrary module load via request_module()
https://notcve.org/view.php?id=CVE-2013-7421
26 Feb 2015 — The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. La API Crypto en el kernel de Linux anterior a 3.18.5 permite a usuarios locales cargar módulos del kernel arbitrarios a través de una llamada al sistema de enlaces para un socket AF_ALG con un nombre de módulo en el campo salg_name, una vulnerabilidad diferente a CVE-2014-9644... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d26a105b5a73e5635eae0629b42fa0a90e07b7b • CWE-269: Improper Privilege Management CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-9644 – kernel: crypto api unprivileged arbitrary module load via request_module()
https://notcve.org/view.php?id=CVE-2014-9644
26 Feb 2015 — The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421. La API Crypto en el kernel de Linux anterior a 3.18.5 permite a usuarios locales cargar módulos del kernel arbitrarios a través de una llamada al sistema de enlaces para un socket AF_ALG con una expresión... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4943ba16bbc2db05115707b3ff7b4874e9e3c560 • CWE-269: Improper Privilege Management CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2014-8160 – kernel: iptables restriction bypass if a protocol handler kernel module not loaded
https://notcve.org/view.php?id=CVE-2014-8160
26 Feb 2015 — net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers. net/netfilter/nf_conntrack_proto_generic.c en el kernel de Linux anterior a 3.18 genera entradas conntrack incorrectas durante el manejo de ciertos juegos de reglas iptables para los protocolos... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db29a9508a9246e77087c5531e45b2c88ec6988b • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 1CVE-2015-0239 – kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code
https://notcve.org/view.php?id=CVE-2015-0239
26 Feb 2015 — The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction. La función em_sysenter en arch/x86/kvm/emulate.c en el kernel de Linux anterior a 3.18.5, cuando al sistema operativo invitado le falta la inicialización SYSENTER MSR, permite a usuarios del si... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f3747379accba8e95d70cec0eae0582c8c182050 • CWE-269: Improper Privilege Management CWE-391: Unchecked Error Condition •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-1593 – kernel: Linux stack ASLR implementation Integer overflow
https://notcve.org/view.php?id=CVE-2015-1593
16 Feb 2015 — The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c. La característica de aleatoriedad de la pila en el Kernel de Linux anterior a 3.19.1 en plataformas... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e7c22d447bb6d7e37bfe39ff658486ae78e8d77 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2014-5332
https://notcve.org/view.php?id=CVE-2014-5332
06 Feb 2015 — Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. Condición de carrera en NVMap en NVIDIA Tegra Linux Kernel 3.10 permite a usuarios locales obtener privilegios a través de una llamada IOCTL NVMAP_IOC_CREATE manipulada, lo que desencadena un error de uso después de liberación de memoria, según lo demostrado med... • http://googleprojectzero.blogspot.com/2015/01/exploiting-nvmap-to-escape-chrome.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2014-7822 – Linux Kernel 3.13/3.14 (Ubuntu) - 'splice()' System Call Local Denial of Service
https://notcve.org/view.php?id=CVE-2014-7822
29 Jan 2015 — The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. La implementación de ciertas operaciones de archivo splice_write en el kernel de Linux anterior a 3.16 no fuerza una restricció... • https://www.exploit-db.com/exploits/36743 • CWE-264: Permissions, Privileges, and Access Controls •