CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2017-18509
https://notcve.org/view.php?id=CVE-2017-18509
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. • http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99253eb750fda6a644d5188fb26c43bad8d5a745 https://github.com/torvalds/linux/commit/99253eb750fda6a644d5188fb26c43bad8d5a745 https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html https://lists.openwall.net/netdev/2017/12/04/40 https://pulsesecurity.co.nz/ad • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-14763
https://notcve.org/view.php?id=CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. En el kernel de Linux anterior a versión 4.16.4, un error de doble bloqueo en el archivo drivers/usb/dwc3/gadget.c puede causar un punto muerto con f_hid. • https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c91815b596245fd7da349ecc43c8def670d2269e https://github.com/torvalds/linux/commit/072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 https://github.com/torvalds/linux/commit/c91815b596245fd7da349ecc43c8def670d2269e https://usn.ubuntu.com/4115-1 https://usn.ubuntu.com/4118-1 https • CWE-667: Improper Locking •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6762
https://notcve.org/view.php?id=CVE-2007-6762
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. En el kernel de Linux anterior a versión 2.6.20, se presenta un error por un paso en el archivo net/netlabel/netlabel_cipso_v4.c donde es posible desbordar la matriz doi_def-)tags[]. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2a2f11c227bdf292b3a2900ad04139d301b56ac4 https://github.com/torvalds/linux/commit/2a2f11c227bdf292b3a2900ad04139d301b56ac4 https://mirrors.edge.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20 https://support.f5.com/csp/article/K05342145 https://support.f5.com/csp/article/K05342145?utm_source=f5support&%3Butm_medium=RSS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-5327
https://notcve.org/view.php?id=CVE-2011-5327
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. En el kernel de Linux anterior a versión 3.1, un problema por un paso en el archivo drivers/target/loopback/tcm_loop.c en la función tcm_loop_make_naa_tpg() podría causar, como mínimo, una corrupción de memoria. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12f09ccb4612734a53e47ed5302e0479c10a50f8 https://github.com/torvalds/linux/commit/12f09ccb4612734a53e47ed5302e0479c10a50f8 https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1 https://support.f5.com/csp/article/K42315210 https://support.f5.com/csp/article/K42315210?utm_source=f5support&%3Butm_medium=RSS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6712
https://notcve.org/view.php?id=CVE-2012-6712
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption. En el kernel de Linux anterior a versión 3.4, ocurre un desbordamiento de búfer en el archivo drivers/net/wireless/iwlwifi/iwl-agn-sta.c, que causará al menos una corrupción de memoria. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2da424b0773cea3db47e1e81db71eeebde8269d4 https://github.com/torvalds/linux/commit/2da424b0773cea3db47e1e81db71eeebde8269d4 https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •