CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10087
https://notcve.org/view.php?id=CVE-2018-10087
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. La función kernel_wait4 en kernel/exit.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) desencadenando un intento de uso del valor -INT_MIN. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd83c161fbcc5d8be637ab159c0de015cbff5ba4 http://www.securityfocus.com/bid/103774 https://github.com/torvalds/linux/commit/dd83c161fbcc5d8be637ab159c0de015cbff5ba4 https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://news.ycombinator.com/item?id=2972021 https://usn.ubuntu.com/3696-1 https://usn.ubuntu.com/3696-2 https://usn.ubuntu.com/3754-1 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10074
https://notcve.org/view.php?id=CVE-2018-10074
The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval. La función hi3660_stub_clk_probe en drivers/clk/hisilicon/clk-hi3660-stub.c en el kernel de Linux, en versiones anteriores a la 4.16, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL) al desencadenar un error de recuperación de recursos. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9903e41ae1f5d50c93f268ca3304d4d7c64b9311 https://github.com/torvalds/linux/commit/9903e41ae1f5d50c93f268ca3304d4d7c64b9311 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10021
https://notcve.org/view.php?id=CVE-2018-10021
drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers who unplug SAS Host Bus Adapter cables ** EN DISPUTA ** drivers/scsi/libsas/sas_scsi_host.c en el kernel de Linux en versiones anteriores a la 4.16 permite que los usuarios locales provoquen una denegación de servicio (ata qc leak) al desencadenarse una serie de condiciones de fallo. NOTA: un tercero discute la relevancia de este informe debido a que el error solo puede ocurrir para atacantes físicamente cercanos que desconectan los cables SAS Host Bus Adapter. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39 https://bugzilla.suse.com/show_bug.cgi?id=1089281 https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39 https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://usn.ubuntu.com/3678-1 https://usn.ubuntu.com/3678-2 https://usn.ubuntu.com/3678-3 https://usn.ubuntu.com/3678-4 https://usn.ubuntu.com/3696-1 https://usn.ubuntu •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18257
https://notcve.org/view.php?id=CVE-2017-18257
The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. La función __get_data_block en fs/f2fs/data.c en el kernel de Linux, en versiones anteriores a la 4.11, permite que usuarios locales provoquen una denegación de servicio (desbordamiento de enteros y bucle) mediante el uso manipulado de las llamadas del sistema open y fallocate con un ioctl FS_IOC_FIEMAP. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b86e33075ed1909d8002745b56ecf73b833db143 https://github.com/torvalds/linux/commit/b86e33075ed1909d8002745b56ecf73b833db143 https://usn.ubuntu.com/3696-1 https://usn.ubuntu.com/3696-2 https://www.debian.org/security/2018/dsa-4188 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-1095 – kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image
https://notcve.org/view.php?id=CVE-2018-1095
The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image. La función ext4_xattr_check_entries en fs/ext4/xattr.c en el kernel de Linux hasta la versión 4.15.15 no valida correctamente los tamaños de xattr, lo que provoca una malinterpretación de un tamaño como un código de error y, en consecuencia, permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL en get_acl y cierre inesperado del sistema) mediante una imagen ext4 manipulada. The Linux kernel is vulnerable to an out-of-bound access bug in the fs/posix_acl.c:get_acl() function. An attacker could trick a legitimate user or a privileged attacker could exploit this to cause a system crash or other unspecified impact with a crafted ext4 image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://openwall.com/lists/oss-security/2018/03/29/1 https://access.redhat.com/errata/RHSA-2018:2948 https://bugzilla.kernel.org/show_bug.cgi?id=199185 https://bugzilla.redhat.com/show_bug.cgi?id=1560793 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=ce3fd194fcc6fbdc00ce095a852f22df97baa401 https://usn.ubuntu.com/3695-1 https://usn.ubuntu.com/3695-2 https://access.redhat.com/security/cve/CVE-2018-1095 • CWE-476: NULL Pointer Dereference •