CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 10CVE-2017-11176 – Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-11176
11 Jul 2017 — The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. La función mq_notify en el kernel de Linux hasta versión 4.11.9 no se ajusta el puntero sock a NULL al ingresar a la lógica de reintento. Durante un cierre de espacio de usuario de un socket Netlink, permite que los atacantes c... • https://packetstorm.news/files/id/149707 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-9984 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-9984
28 Jun 2017 — The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. La función snd_msnd_interrupt en el archivo sound/isa/msnd/msnd_pinnacle.c en el kernel de Linux hasta la versión 4.11.7 permite a los usuarios locales causar una deneg... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e2b791796bd68816fa115f12be5320de2b8021 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-9985 – Ubuntu Security Notice USN-3469-2
https://notcve.org/view.php?id=CVE-2017-9985
28 Jun 2017 — The snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability. La función snd_msndmidi_input_read en el archivo sound/isa/msnd/msnd_midi.c en el kernel de Linux hasta la versión 4.11.7 permite a los usuarios locales causar una den... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e2b791796bd68816fa115f12be5320de2b8021 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1000363 – Ubuntu Security Notice USN-3333-1
https://notcve.org/view.php?id=CVE-2017-1000363
20 Jun 2017 — Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line. Una escritura fuera de límites en el archivo drivers/ch... • http://www.debian.org/security/2017/dsa-3945 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 4CVE-2017-1000370 – Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-1000370
19 Jun 2017 — The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems. El parche offset2lib tal como es usado por el... • https://packetstorm.news/files/id/143204 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 5CVE-2017-1000371 – Linux Kernel - 'offset2lib' Stack Clash
https://notcve.org/view.php?id=CVE-2017-1000371
19 Jun 2017 — The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.... • https://packetstorm.news/files/id/143204 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5321
https://notcve.org/view.php?id=CVE-2010-5321
24 Apr 2017 — Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf. La pérdida de memoria en drivers/media/video/videobuf-core.c en el subsiste... • http://linuxtv.org/irc/v4l/index.php?date=2010-07-29 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16645 – Ubuntu Security Notice USN-3617-3
https://notcve.org/view.php?id=CVE-2017-16645
03 Apr 2017 — The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (ims_pcu_parse_cdc_data out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. La función ims_pcu_get_cdc_union_desc en drivers/input/misc/ims-pcu.c en el kernel de Linux, en versiones anteriores a la 4.13.11, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites ... • http://www.securityfocus.com/bid/101768 • CWE-125: Out-of-bounds Read •
CVSS: 7.7EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1000026 – kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet
https://notcve.org/view.php?id=CVE-2018-1000026
03 Apr 2017 — Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.. El kernel de Linux, al menos desde la versión v4.8, contiene una vulnerabilidad de validación de entradas in... • http://lists.openwall.net/netdev/2018/01/16/40 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18204 – Ubuntu Security Notice USN-3617-3
https://notcve.org/view.php?id=CVE-2017-18204
03 Apr 2017 — The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. La función ocfs2_setattr en fs/ocfs2/file.c en el kernel de Linux, en versiones anteriores a la 4.14.2, permite que usuarios locales provoquen una denegación de servicio (deadlock) mediante peticiones DIO. Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 •