CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-11236 – glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-11236
18 May 2018 — stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. stdlib/canonicalize.c en GNU C Library (también conocida como glibc o libc6), en versiones 2.27 y anteriores, al procesar argumentos con un nombre de ruta muy largo en la función realpath, podría encontrarse con u... • http://www.securityfocus.com/bid/104255 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 2CVE-2018-11237 – glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper
https://notcve.org/view.php?id=CVE-2018-11237
18 May 2018 — An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. Una implementación optimizada para AVX-512 de la función mempcpy en GNU C Library (también conocido como glibc o libc6), en versiones 2.27 y anteriores, podría escribir datos más allá del búfer objetivo, lo que desemboca en un desbordamiento de búfer en __mempcpy_avx512_no_vzeroupper. A ... • https://packetstorm.news/files/id/147870 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.9EPSS: 91%CPEs: 22EXPL: 8CVE-2018-1111 – DynoRoot DHCP Client - Command Injection
https://notcve.org/view.php?id=CVE-2018-1111
15 May 2018 — DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. Los paquetes DHCP en Red Hat Enterprise Linux 6 y 7, Fedora... • https://packetstorm.news/files/id/147698 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-1118 – kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()
https://notcve.org/view.php?id=CVE-2018-1118
10 May 2018 — Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. El vhost del kernel de Linux desde la versión 4.8 no inicializa correctamente la memoria en los mensajes que se pasan entre invitados virtuales y el sistema operativo host en la función vhost/vhos... • https://access.redhat.com/errata/RHSA-2018:2948 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 8.0EPSS: 0%CPEs: 24EXPL: 0CVE-2018-1087 – Kernel: KVM: error in exception handling leads to wrong debug stack value
https://notcve.org/view.php?id=CVE-2018-1087
08 May 2018 — kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to cra... • http://www.openwall.com/lists/oss-security/2018/05/08/5 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2018-10675 – kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact
https://notcve.org/view.php?id=CVE-2018-10675
02 May 2018 — The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. La función do_get_mempolicy en mm/mempolicy.c en el kernel de Linux, en versiones anteriores a la 4.12.9, permite que los usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada) o, posiblemente, causen otros impactos no especificados mediante llamadas del siste... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-10322 – kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service
https://notcve.org/view.php?id=CVE-2018-10322
24 Apr 2018 — The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image. La función xfs_dinode_verify en fs/xfs/libxfs/xfs_inode_buf.c en el kernel de Linux, hasta la versión 4.16.3, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero inválido en xfs_ilock_attr_map_shared) mediante una imagen xfs manipulada. The xfs... • http://www.securityfocus.com/bid/103960 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 39EXPL: 0CVE-2018-8088 – slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution
https://notcve.org/view.php?id=CVE-2018-8088
20 Mar 2018 — org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series. org.slf4j.ext.EventData en el módulo slf4j-ext en QOS.CH SLF4J antes de la versión 1.8.0-beta2 permite a los atacantes remotos saltarse las restricciones de acceso previstas a través de datos manipulados. EventData en el módul... • http://www.securityfocus.com/bid/103737 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0CVE-2018-1068 – kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c
https://notcve.org/view.php?id=CVE-2018-1068
16 Mar 2018 — A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. Se ha encontrado un error en la implementación de la interfaz syscall de 32 bits para puentes de red (bridging) en el kernel de las versiones 4.x de Linux. Esto permitía que un usuario privilegiado escribiese de forma arbitraria en un rango limitado de memoria del kernel. A flaw was found in the Linux kernel's implementat... • http://www.securityfocus.com/bid/103459 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-7740 – kernel: Denial of service in resv_map_release function in mm/hugetlb.c
https://notcve.org/view.php?id=CVE-2018-7740
07 Mar 2018 — The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. La función resv_map_release en mm/hugetlb.c en el kernel de Linux hasta la versión 4.15.7 permite que usuarios locales provoquen una denegación de servicio (error) mediante una aplicación manipulada que realiza llamadas del sistema mmap y tiene un argume... • http://www.securityfocus.com/bid/103316 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •