CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-9076 – kernel: net: IPv6 DCCP implementation mishandles inheritance
https://notcve.org/view.php?id=CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. La función dccp_v6_request_recv_sock en el archivo net/dccp/ipv6.c en el kernel de Linux hasta versión 4.11.1, el manejo inapropiado de la herencia, permite a los usuarios locales causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de llamadas de sistema diseñadas, un problema relacionado con CVE-2017 -8890. The IPv6 DCCP implementation in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52 http://www.debian.org/security/2017/dsa-3886 http://www.securityfocus.com/bid/98586 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2018:1854 https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52 https://patchwork.ozlabs.org • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9059
https://notcve.org/view.php?id=CVE-2017-9059
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module reference and kernel daemon" leak. La implementación NFSv4 en el kernel de Linux hasta versión 4.11.1, permite a los usuarios locales causar una denegación de servicio (consumo de recursos) para aprovechar el apagado inapropiado de la devolución de llamada de canal al desmontar un sistema de archivos NFSv4, también se conoce como una perdida del "module reference and kernel daemon". • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c70422f760c120480fee4de6c38804c72aa26bc1 http://www.securityfocus.com/bid/98551 https://bugzilla.redhat.com/show_bug.cgi?id=1451386 https://github.com/torvalds/linux/commit/c70422f760c120480fee4de6c38804c72aa26bc1 https://www.spinics.net/lists/linux-nfs/msg63334.html • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7495 – kernel: ext4: power failure during write(2) causes on-disk information leak
https://notcve.org/view.php?id=CVE-2017-7495
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new file, making write system calls, and reading this file. En el archivo fs/ext4/inode.c en el kernel de Linux anterior a versión 4.6.2, cuando es usado el modo data=ordered de ext4, maneja inapropiadamente una lista de necesidades de descarga antes de confirmar, lo que permite a los usuarios locales obtener información confidencial de los archivos de otros usuarios en circunstancias oportunistas al esperar un reinicio del hardware, crear un archivo nuevo, hacer llamadas al sistema de escritura y leer este archivo. A vulnerability was found in the Linux kernel where filesystems mounted with data=ordered mode may allow an attacker to read stale data from recently allocated blocks in new files after a system 'reset' by abusing ext4 mechanics of delayed allocation. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06bd3c36a733ac27962fea7d6f47168841376824 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.2 http://www.openwall.com/lists/oss-security/2017/05/15/2 http://www.securityfocus.com/bid/98491 https://bugzilla.redhat.com/show_bug.cgi?id=1450261 https://github.com/torvalds/linux/commit/06bd3c36a733ac27962fea7d6f47168841376824 https://source.android.com/security/bulletin/2017-09-01 https://access.redhat.com/security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2017-7487
https://notcve.org/view.php?id=CVE-2017-7487
The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface. La función ipxitf_ioctl en el archivo net/ipx/af_ipx.c en el kernel de Linux hasta la versión 4.11.1, maneja inapropiadamente conteos de referencias, lo que permite a los usuarios locales causar una denegación de servicio (uso de memoria previamente liberada) o posiblemente tener otro impacto no especificado por medio de una llamada ioctl SIOCGIFADDR fallida para una interfaz de IPX. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80 http://www.debian.org/security/2017/dsa-3886 http://www.securityfocus.com/bid/98439 http://www.securitytracker.com/id/1039237 https://bugzilla.redhat.com/show_bug.cgi?id=1447734 https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80 https://patchwork.ozlabs.org/patch/757549 https://source.android.com/security/bulletin/2017-09-01 • CWE-416: Use After Free •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8924
https://notcve.org/view.php?id=CVE-2017-8924
The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow. La función edge_bulk_in_callback en drivers/usb/serial/io_ti.c en el kernel de Linux anterior a 4.10.4 permite a los usuarios locales obtener información sensible (en el dmesg ringbuffer y syslog) de la memoria del kernel no inicializada usando un dispositivo USB manipulado (aparentando ser un io_ti USB serie) para activar un desbordamiento inferior de enteros. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e http://www.debian.org/security/2017/dsa-3886 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4 http://www.securityfocus.com/bid/98451 https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e • CWE-191: Integer Underflow (Wrap or Wraparound) •