Page 362 of 2588 results (0.016 seconds)

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2018-12233

https://notcve.org/view.php?id=CVE-2018-12233

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr. En la función ea_get en fs/jfs/xattr.c en el kernel de Linux hasta la versión 4.17.1, un error de corrupción de memoria en JFS puede desencadenarse mediante una llamada a setxattr dos veces con dos nombres de atributo extendidos diferentes en el mismo archivo. Esta vulnerabilidad puede ser desencadenada por un usuario no privilegiado con la capacidad de crear archivos y ejecutar programas. • http://www.securityfocus.com/bid/104452 https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://lkml.org/lkml/2018/6/2/2 https://marc.info/?l=linux-kernel&m=152814391530549&w=2 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 https://usn.ubuntu.com/3753-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2

CVE-2018-11508 – Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel Pointer

https://notcve.org/view.php?id=CVE-2018-11508

The compat_get_timex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via adjtimex. Se ha descubierto un problema en Moodle 3.x. Al sustituir URL en los portfolios, los usuarios pueden instanciar cualquier clase. Esto también puede ser explotado por usuarios que hayan iniciado sesión como invitados para lanzar un ataque DDoS. Linux kernel version 4.13 suffers from a compat_get_timex() kernel pointer leak vulnerability. • https://www.exploit-db.com/exploits/46208 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95 http://www.securityfocus.com/bid/104292 https://bugs.chromium.org/p/project-zero/issues/detail?id=1574 https://github.com/torvalds/linux/commit/0a0b98734479aa5b3c671d5190e86273372cab95 https://usn.ubuntu.com/3695-1 https://usn.ubuntu.com/3695-2 https://usn.ubuntu.com/3697-1 https://usn.ubuntu.com/3697-2 https://www.kernel.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 2

CVE-2018-1120 – Procps-ng - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2018-1120

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks). Se ha encontrado un error que afecta al kernel de Linux en versiones anteriores a la 4.17. Al realizar un mmap() sobre un archivo copiado con FUSE en la memoria de un proceso que contiene argumentos de línea de comandos (o cadenas de entorno), un atacante puede hacer que las utilidades de psutils o procps (como ps o w) o cualquier otro programa que realiza una llamada read() a los archivos /proc//cmdline (o /proc//environ) se bloqueen indefinidamente (denegación de servicio) o durante un tiempo determinado (como primitiva de sincronización para otros ataques). By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks). • https://www.exploit-db.com/exploits/44806 http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104229 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1120 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7f7ccc2ccc2e70c6054685f5e3522efa81556830 https://lists.debian.org/debian-lt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18270 – kernel: improper keyrings creation

https://notcve.org/view.php?id=CVE-2017-18270

In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service. En el kernel de Linux, en versiones anteriores a la 4.13.5, un usuario local podría crear keyrings para otros usuarios mediante comandos keyctl, estableciendo configuraciones por defecto no deseadas o provocando una denegación de servicio (DoS). A flaw was found in the Linux kernel in the way a local user could create keyrings for other users via keyctl commands. This may allow an attacker to set unwanted defaults, a denial of service, or possibly leak keyring information between users. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=237bbd29f7a049d310d907f4b2716a7feef9abf3 http://www.securityfocus.com/bid/104254 https://bugzilla.redhat.com/show_bug.cgi?id=1580979 https://bugzilla.redhat.com/show_bug.cgi?id=1856774#c11 https://bugzilla.redhat.com/show_bug.cgi?id=1856774#c9 https://github.com/torvalds/linux/commit/237bbd29f7a049d310d907f4b2716a7feef9abf3 https://support.f5.com/csp/article/K37301725 https://usn.ubuntu.com/3754-1 https://www.kernel.org • CWE-287: Improper Authentication •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-11232

https://notcve.org/view.php?id=CVE-2018-11232

The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable. La función etm_setup_aux function en drivers/hwtracing/coresight/coresight-etm-perf.c en el kernel de Linux en versiones anteriores a la 4.10.2 permite que los atacantes provoquen una denegación de servicio (pánico) debido a que un parámetro se emplea de forma incorrecta como variable local. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f09444639099584bc4784dfcd85ada67c6f33e0f https://github.com/torvalds/linux/commit/f09444639099584bc4784dfcd85ada67c6f33e0f https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.2 • CWE-20: Improper Input Validation •