CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2064
https://notcve.org/view.php?id=CVE-2016-2064
07 Aug 2016 — sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands. sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c en el controlador de audio MSM QDSP6 para el kernel de Linux 3.x, como se... • http://www.securityfocus.com/bid/92375 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0573
https://notcve.org/view.php?id=CVE-2015-0573
07 Aug 2016 — drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call. drivers/media/platform/msm/broadcast/tsc.c en el controlador TSC para el kernel de Linux 3.x, como se usa en contribuciones Qualcomm ... • https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=e20f20aaed6b6d2fd1667bad9be9ef35103a51df • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-0568
https://notcve.org/view.php?id=CVE-2015-0568
07 Aug 2016 — Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. Vulnerabilidad de uso después de liberación de memoria en la función msm_set_crop en drivers/media/video/msm/msm_camera.c e... • https://github.com/betalphafai/CVE-2015-0568 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2063
https://notcve.org/view.php?id=CVE-2016-2063
07 Aug 2016 — Stack-based buffer overflow in the supply_lm_input_write function in drivers/thermal/supply_lm_core.c in the MSM Thermal driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application that sends a large amount of data through the debugfs interface. Desbordamiento de búfer basado en pila en la función supply_lm_input_write e... • http://www.securityfocus.com/bid/92381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5340
https://notcve.org/view.php?id=CVE-2016-5340
07 Aug 2016 — The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name. La función is_ashmem_file en drivers/staging/android/ashmem.c en un cierto parche Qualcomm Innovation Center (QuIC) Android para el kernel de Linux 3.x no maneja adecuadamente validac... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 5CVE-2016-5696 – kernel: challenge ACK counter information disclosure.
https://notcve.org/view.php?id=CVE-2016-5696
06 Aug 2016 — net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. net/ipv4/tcp_input.c en el kernel de Linux en versiones anteriores a 4.7 no determina adecuadamente la tasa de segmentos de desafío ACK, lo que facilita a atacantes remotos secuestrar sesiones TCP a través de un ataque ciego en ventana. It was found that the RFC 5961 challenge ACK rate limiting as i... • https://github.com/Gnoxter/mountain_goat • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2016-6187 – Linux Kernel < 4.5.1 - Off-By-One (PoC)
https://notcve.org/view.php?id=CVE-2016-6187
06 Aug 2016 — The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook. La función apparmor_setprocattr en security/apparmor/lsm.c en el kernel de Linux en versiones anteriores a 4.6.5 no valida el tamaño de búfer, lo que permite a usuarios locales obtener privilegios desencadenando un gancho AppArmor setprocattr. • https://www.exploit-db.com/exploits/44301 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6162
https://notcve.org/view.php?id=CVE-2016-6162
06 Aug 2016 — net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations. net/core/skbuff.c en el kernel de Linux 4.7-rc6 permite a usuarios locales provocar una denegación de servicio (pánico) o posiblemente tener otro impacto no especificado a través de ciertas operaciones socket IPv6. • http://www.openwall.com/lists/oss-security/2016/07/05/8 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2016-3841 – kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.
https://notcve.org/view.php?id=CVE-2016-3841
06 Aug 2016 — The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. La pila IPv6 en el kernel de Linux en versiones anteriores a 4.3.3 no maneja adecuadamente datos de las opciones, lo que permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación y caída de sistema) a través de una llamada al sistema sendmsg m... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39 • CWE-264: Permissions, Privileges, and Access Controls CWE-416: Use After Free CWE-667: Improper Locking •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5400
https://notcve.org/view.php?id=CVE-2016-5400
06 Aug 2016 — Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations. Pérdida de memoria en la función airspy_probe en drivers/media/usb/airspy/airspy.c en el controlador USB airspy en el kernel de Linux en versiones anteriores a 4.7 permite ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •