CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7917
https://notcve.org/view.php?id=CVE-2016-7917
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. La función nfnetlink_rcv_batch en net / netfilter / nfnetlink.c en el kernel de Linux en versiones anteriores a 4.5 no comprueba si el campo de longitud de un mensaje por lotes es lo suficientemente grande, lo que permite a los usuarios locales obtener información sensible de la memoria del kernel o provocar una denegación de servicio (bucle infinito o lectura fuera de rango) aprovechando la capacidad de CAP_NET_ADMIN. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241 http://source.android.com/security/bulletin/2016-11-01.html http://www.securityfocus.com/bid/94147 https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7915 – kernel: HID: core: prevent out-of-bound readings
https://notcve.org/view.php?id=CVE-2016-7915
The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver. La función hid_input_field en drivers/hid/hid-core.c en el kernel de Linux en versiones anteriores a 4.6 Permite que atacantes físicamente próximos obtengan información sensible de la memoria del núcleo o causen una denegación de servicio (lectura fuera de rango) conectando un dispositivo, como lo demuestra un receptor Logitech DJ. The hid_input_field() function in 'drivers/hid/hid-core.c' in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=50220dead1650609206efe91f0cc116132d59b3f http://rhn.redhat.com/errata/RHSA-2016-2574.html http://source.android.com/security/bulletin/2016-11-01.html http://www.securityfocus.com/bid/94138 https://github.com/torvalds/linux/commit/50220dead1650609206efe91f0cc116132d59b3f https://access.redhat.com/security/cve/CVE-2016-7915 https://bugzilla.redhat.com/show_bug.cgi?id=1404733 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8964
https://notcve.org/view.php?id=CVE-2015-8964
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. La función tty_set_termios_ldisc en drivers/tty/tty_ldisc.c enel kernel de Linux en versiones anteriores a 4.5 permite a los usuarios locales obtener información sensible de la memoria del kernel mediante la lectura de una estructura de datos tty. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc http://source.android.com/security/bulletin/2016-11-01.html http://www.securityfocus.com/bid/94138 https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7913 – kernel: media: use-after-free in [tuner-xc2028] media driver
https://notcve.org/view.php?id=CVE-2016-7913
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. La función xc2028_set_config en drivers/media/tuners/tuner-xc2028.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación de memoria) mediante vectores que implican la omisión del nombre de firmware de una determinada estructura de datos. The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 http://source.android.com/security/bulletin/2016-11-01.html http://www.securityfocus.com/bid/94201 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 https://usn&# • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7911
https://notcve.org/view.php?id=CVE-2016-7911
Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call. Condición de carrera en la función get_task_ioprio en block/ioprio.c en el kernel de Linux en versiones anteriores a 4.6.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso posterior a la llamada) mediante una llamada manipulada al sistema ioprio_get. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4 http://source.android.com/security/bulletin/2016-11-01.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6 http://www.securityfocus.com/bid/94135 https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •