CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2017-16528 – Ubuntu Security Notice USN-3619-1
https://notcve.org/view.php?id=CVE-2017-16528
04 Nov 2017 — sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. sound/core/seq_device.c en el kernel de Linux, en versiones anteriores a la 4.13.4, permite que los usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada snd_rawmidi_dev_seq_free y cierre inesperado del sistema) o, posiblemente, causen otros ... • https://github.com/torvalds/linux/commit/fc27fe7e8deef2f37cba3f2be2d52b6ca5eb9d57 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16535 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-16535
04 Nov 2017 — The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. La función usb_get_bos_descriptor en drivers/usb/core/config.c en el kernel de Linux, en versiones anteriores a la 4.13.10, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, po... • http://www.securityfocus.com/bid/102022 • CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16536 – Ubuntu Security Notice USN-3619-1
https://notcve.org/view.php?id=CVE-2017-16536
04 Nov 2017 — The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device. La función cx231xx_usb_probe en drivers/media/usb/cx231xx/cx231xx-cards.c en el kernel de Linux, en versiones hasta la 4.13.11, permite que los usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL y cierre in... • https://groups.google.com/d/msg/syzkaller/WlUAVfDvpRk/1V1xuEA4AgAJ • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2017-16534 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-16534
04 Nov 2017 — The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. La función cdc_parse_cdc_header en drivers/usb/core/message.c en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posibl... • http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2017-16525 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-16525
04 Nov 2017 — The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup. La función usb_serial_console_disconnect en drivers/usb/serial/console.c en el kernel de Linux, en versiones anteriores a la 4.13.8, permite que los usuarios locales provoquen una denegación de servicio (uso de... • http://www.securityfocus.com/bid/102028 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2017-16527 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-16527
04 Nov 2017 — sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device. sound/usb/mixer.c en el kernel de Linux, en versiones anteriores a la 4.13.8, permite que los usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada snd_usb_mixer_interrupt y cierre inesperado del sistema) o, posiblemente, causen otros impactos no es... • https://github.com/torvalds/linux/commit/124751d5e63c823092060074bd0abaae61aaa9c4 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2017-16530 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-16530
04 Nov 2017 — The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to drivers/usb/storage/uas-detect.h and drivers/usb/storage/uas.c. El controlador uas en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posiblemente, causen ot... • https://github.com/torvalds/linux/commit/786de92b3cb26012d3d0f00ee37adf14527f35c4 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5331
https://notcve.org/view.php?id=CVE-2006-5331
29 Oct 2017 — The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction. La función altivec_unavailable_exception en arch/powerpc/kernel/traps.c en el kernel de Linux en versiones anteriores a la 2.6... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6c4841c2b6c32a134f9f36e5e08857138cc12b10 • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15951 – Ubuntu Security Notice USN-3485-2
https://notcve.org/view.php?id=CVE-2017-15951
28 Oct 2017 — The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls. El subsistema KEYS en el kernel de Linux en versiones anteriores a la 4.13.10 no sincroniza correctamente las acciones de actualización con las de detección de una clave en el estado "negative" para evitar una... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=363b02dab09b3226f3bd1420dad9c72b79a42a76 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 10CVE-2017-5123 – Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP/Chrome Sandbox Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-5123
25 Oct 2017 — Insufficient data validation in waitid allowed an user to escape sandboxes on Linux. Una comprobación de datos insuficiente en waitid permitía a un usuario escapar de los sandbox en Linux • https://packetstorm.news/files/id/144904 • CWE-20: Improper Input Validation •