CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 3CVE-2018-14634 – Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-14634
25 Sep 2018 — An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. Se ha encontrado un error de desbordamiento de enteros en la función create_elf_tables() del kernel de Linux. Un usuario local sin privilegios con acceso al binario SUID (o a otro privilegiado) podría emplear ... • https://www.exploit-db.com/exploits/45516 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.3EPSS: 0%CPEs: 20EXPL: 0CVE-2018-14633 – kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target
https://notcve.org/view.php?id=CVE-2018-14633
25 Sep 2018 — A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system... • http://www.securityfocus.com/bid/105388 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16597 – kernel: overlayfs file truncation without permissions
https://notcve.org/view.php?id=CVE-2018-16597
21 Sep 2018 — An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 4.8. La comprobación de acceso incorrecta de montajes de overlayfs podría ser empleada por los atacantes locales para modificar o truncar archivos en el sistema de archivos subyacente An issue was discovered in the Linux kernel where an i... • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 5CVE-2018-17182 – Linux Kernel - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-17182
19 Sep 2018 — An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. Se ha descubierto un problema en el kernel de Linux hasta la versión 4.18.8. La función vmacache_flush_all en mm/vmacache.c manipula incorrectamente los desbordamientos de números de secuencias. • https://www.exploit-db.com/exploits/45497 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2018-14641 – kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()
https://notcve.org/view.php?id=CVE-2018-14641
18 Sep 2018 — A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial-of-service. Se ha encontrado un error de seguridad en la función ip_frag_reasm() en net/ipv4/ip_fragment.c en el kernel de Linux, desde la versión 4.19-rc1 a la 4.1... • https://access.redhat.com/errata/RHSA-2018:2948 • CWE-20: Improper Input Validation CWE-456: Missing Initialization of a Variable •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10853 – kernel: kvm: guest userspace to guest kernel write
https://notcve.org/view.php?id=CVE-2018-10853
11 Sep 2018 — A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. Se ha encontrado un error en la forma en la que el hipervisor KVM del kernel de Linux en versiones anteriores a la 4.18 emulaba instrucciones como sgdt/sidt/fxsave/fxrstor. No comprobó el nivel d... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16658 – kernel: Information leak in cdrom_ioctl_drive_status
https://notcve.org/view.php?id=CVE-2018-16658
07 Sep 2018 — An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940. Se ha descubierto un problema en el kernel de Linux hasta antes de la versión 4.18.6. Una fuga de información en cdrom_ioctl_drive_status en drivers/cdrom/cdrom.c podría ser empleada por atacantes locales para leer m... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f3fafc9c2f0ece10832c25f7ffcb07c97a32ad4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6555
https://notcve.org/view.php?id=CVE-2018-6555
04 Sep 2018 — The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. La función irda_setsockopt en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (... • http://www.securityfocus.com/bid/105304 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6554
https://notcve.org/view.php?id=CVE-2018-6554
04 Sep 2018 — Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. Fuga de memoria en la función irda_bind en net/irda/af_irda.c y siguientes en drivers/staging/irda/net/af_irda.c en el kernel de Linux en versiones anteriores a la 4.17 permite que usuarios locales provoquen una denegación de servicio (consumo de memoria) enlaza... • http://www.securityfocus.com/bid/105302 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16276
https://notcve.org/view.php?id=CVE-2018-16276
31 Aug 2018 — An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. Se descubrió un problema en yurex_read en drivers/usb/misc/yurex.c en el kernel de Linux hasta la versión 4.17.7. Los atacantes locales pueden emplear lecturas/escrituras de acceso de usuario con una comprobación incorrecta de límites en el controlad... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 • CWE-787: Out-of-bounds Write •