CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0523
https://notcve.org/view.php?id=CVE-2017-0523
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. • http://www.securityfocus.com/bid/96735 http://www.securitytracker.com/id/1037968 https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=5bb646471da76d3d5cd02cf3da7a03ce6e3cb582 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6353
https://notcve.org/view.php?id=CVE-2017-6353
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. net/sctp/socket.c en el kernel de Linux en versiones hasta 4.10.1 no restringe adecuadamente las operaciones de despegue de la asociación durante varios estados de espera, lo que permite a usuarios locales provocar una denegación de servicio (desbloqueo no válido y liberación doble) a través de una aplicación multihilo. NOTA: esta vulnerabilidad existe debido a una solución incorrecta de CVE-2017-5986. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 http://www.debian.org/security/2017/dsa-3804 http://www.openwall.com/lists/oss-security/2017/02/27/2 http://www.securityfocus.com/bid/96473 https://github.com/torvalds/linux/commit/dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6345
https://notcve.org/view.php?id=CVE-2017-6345
The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls. El subsistema LLC en el kernel de Linux en versiones anteriores a 4.9.13 no garantiza que exista cierto destructor en las circunstancias requeridas, lo que permite a usuarios locales provocar una denegación de servicio (BUG_ON) o posiblemente tener otro impacto no especificado a través de llamadas al sistema manipuladas. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b74d439e1697110c5e5c600643e823eb1dd0762 http://www.debian.org/security/2017/dsa-3804 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13 http://www.openwall.com/lists/oss-security/2017/02/28/7 http://www.securityfocus.com/bid/96510 https://github.com/torvalds/linux/commit/8b74d439e1697110c5e5c600643e823eb1dd0762 https://usn.ubuntu.com/3754-1 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6348
https://notcve.org/view.php?id=CVE-2017-6348
The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. La función hashben_delete en net/irda/irqueue.c en el kernel de Linux en versiones anteriores a 4.9.13 administra incorrectamente el soltado del bloqueo, lo que permite a usuarios locales provocar una denegación de servicio (punto muerto) a través de operaciones manipuladas en los dispositivos IrDA. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788 http://www.debian.org/security/2017/dsa-3804 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.13 http://www.openwall.com/lists/oss-security/2017/02/28/4 http://www.securityfocus.com/bid/96483 https://github.com/torvalds/linux/commit/4c03b862b12f980456f9de92db6d508a4999b788 https://usn.ubuntu.com/3754-1 •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2017-2634 – kernel: dccp: crash while sending ipv6 reset packet
https://notcve.org/view.php?id=CVE-2017-2634
It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system. Se ha encontrado que la implementación del Protocolo de Control de Congestión de Datagramas (DCCP) del kernel de Linux en versiones anteriores a la 2.6.22.17 usaba la función inet_sk_rebuild_header() solo para IPv4 y conexiones DCCP IPv6, lo que podría resultar en corrupciones de memoria. Un atacante remoto podría utilizar este fallo para provocar un cierre inesperado del sistema. It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. • http://rhn.redhat.com/errata/RHSA-2017-0323.html http://rhn.redhat.com/errata/RHSA-2017-0346.html http://rhn.redhat.com/errata/RHSA-2017-0347.html http://www.securityfocus.com/bid/96529 http://www.securitytracker.com/id/1037909 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2634 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f53dc67c5e7babafe239b93a11678b0e05bead51 https://access.redhat.com/security/cve/CVE-2017-2634 https://bugzilla.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •