Page 373 of 2144 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 5

CVE-2016-0728 – Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2016-0728

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. La función join_session_keyring en security/keys/process_keys.c en el kernel de Linux en versiones anteriores a 4.4.1 no maneja correctamente referencias a objetos en un cierto caso de error, lo que permite a usuarios locales obtener privilegios o provocar una denegación de servicio (desbordamiento de entero y uso después de liberación) a través de comandos keyctl manipulados. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. • https://www.exploit-db.com/exploits/40003 https://www.exploit-db.com/exploits/39277 https://github.com/hal0taso/CVE-2016-0728 https://github.com/googleweb/CVE-2016-0728 https://github.com/th30d00r/Linux-Vulnerability-CVE-2016-0728-and-Exploit http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://lists.fedoraproject.org/pipermail/package-announce/2016 • CWE-416: Use After Free •

CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 1

CVE-2015-6637

https://notcve.org/view.php?id=CVE-2015-6637

The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013. El driver MediaTek misc-sd en Android en versiones anteriores a 5.1.1 LMY49F y 6.0 en versiones anteriores a 2016-01-01 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocida como error interno 25307013. • https://github.com/betalphafai/CVE-2015-6637 http://source.android.com/security/bulletin/2016-01-01.html http://www.securitytracker.com/id/1034592 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2015-6644 – bouncycastle: Information disclosure in GCMBlockCipher

https://notcve.org/view.php?id=CVE-2015-6644

Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. Bouncy Castle en Android en versiones anteriores a 5.1.1 LMY49F y 6.0 en versiones anteriores a 2016-01-01 permite a atacantes obtener información sensible a través de una aplicación manipulada, también conocida como error interno 24106146. It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. • http://source.android.com/security/bulletin/2016-01-01.html http://www.debian.org/security/2017/dsa-3829 http://www.securityfocus.com/bid/79865 http://www.securitytracker.com/id/1034592 https://access.redhat.com/errata/RHSA-2017:1832 https://access.redhat.com/errata/RHSA-2017:2808 https://access.redhat.com/errata/RHSA-2017:2809 https://access.redhat.com/errata/RHSA-2017:2810 https://access.redhat.com/errata/RHSA-2017:2811 https://access.redhat.com/errata/RHSA-2018:2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-6641

https://notcve.org/view.php?id=CVE-2015-6641

Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427. Bluetooth en Android 6.0 en versiones anteriores a 2016-01-01 permite a atacantes remotos obtener información sensible de Contacts aprovechándo el pareado, también conocida como error interno 23607427. • http://source.android.com/security/bulletin/2016-01-01.html http://www.securitytracker.com/id/1034592 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-6643

https://notcve.org/view.php?id=CVE-2015-6643

Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269. Setup Wizard en Android 5.x en versiones anteriores a 5.1.1 LMY49F y 6.0 en versiones anteriores a 2016-01-01 permite a atacantes físicamente próximos modificar ajustes o eludir un mecanismo de protección de reseteo a través de vectores no especificados, también conocida como error interno 25290269. • http://source.android.com/security/bulletin/2016-01-01.html http://www.securitytracker.com/id/1034592 • CWE-264: Permissions, Privileges, and Access Controls •