CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6951 – kernel: NULL pointer dereference in keyring_search_aux function
https://notcve.org/view.php?id=CVE-2017-6951
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. La función keyring_search_aux en security/keys/keyring.c en el kernel de Linux hasta la versión 3.14.79 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y OOPS) a través de una llamada al sistema request_key para el tipo "muerte". The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allows local users to cause a denial of service via a request_key system call for the "dead" key type. • http://www.securityfocus.com/bid/96943 http://www.spinics.net/lists/keyrings/msg01845.html http://www.spinics.net/lists/keyrings/msg01846.html http://www.spinics.net/lists/keyrings/msg01849.html https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2669 https://access.redhat.com/security/cve/CVE-2017-6951 https://bugzilla.redhat.com/show_bug.cgi?id=1433252 • CWE-476: NULL Pointer Dereference •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0523
https://notcve.org/view.php?id=CVE-2017-0523
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. • http://www.securityfocus.com/bid/96735 http://www.securitytracker.com/id/1037968 https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6345
https://notcve.org/view.php?id=CVE-2017-6345
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls. El subsistema LLC en el kernel de Linux en versiones anteriores a 4.9.13 no garantiza que exista cierto destructor en las circunstancias requeridas, lo que permite a usuarios locales provocar una denegación de servicio (BUG_ON) o posiblemente tener otro impacto no especificado a través de llamadas al sistema manipuladas. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b74d439e1697110c5e5c600643e823eb1dd0762 http://www.debian.org/security/2017/dsa-3804 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13 http://www.openwall.com/lists/oss-security/2017/02/28/7 http://www.securityfocus.com/bid/96510 https://github.com/torvalds/linux/commit/8b74d439e1697110c5e5c600643e823eb1dd0762 https://usn.ubuntu.com/3754-1 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6353
https://notcve.org/view.php?id=CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. net/sctp/socket.c en el kernel de Linux en versiones hasta 4.10.1 no restringe adecuadamente las operaciones de despegue de la asociación durante varios estados de espera, lo que permite a usuarios locales provocar una denegación de servicio (desbloqueo no válido y liberación doble) a través de una aplicación multihilo. NOTA: esta vulnerabilidad existe debido a una solución incorrecta de CVE-2017-5986. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 http://www.debian.org/security/2017/dsa-3804 http://www.openwall.com/lists/oss-security/2017/02/27/2 http://www.securityfocus.com/bid/96473 https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6348
https://notcve.org/view.php?id=CVE-2017-6348
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. La función hashben_delete en net/irda/irqueue.c en el kernel de Linux en versiones anteriores a 4.9.13 administra incorrectamente el soltado del bloqueo, lo que permite a usuarios locales provocar una denegación de servicio (punto muerto) a través de operaciones manipuladas en los dispositivos IrDA. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788 http://www.debian.org/security/2017/dsa-3804 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13 http://www.openwall.com/lists/oss-security/2017/02/28/4 http://www.securityfocus.com/bid/96483 https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788 https://usn.ubuntu.com/3754-1 •