Page 415 of 3325 results (0.040 seconds)

CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0

CVE-2015-5707

https://notcve.org/view.php?id=CVE-2015-5707

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. Desbordamiento de entero en la función sg_start_req en drivers/scsi/sg.c en el kernel de Linux 2.6.x hasta la versión 4.x en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un valor iov_count grande en una petición de escritura. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdc81f45e9f57858da6351836507fbcf1b7583ee http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026 • CWE-190: Integer Overflow or Wraparound •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-5697

https://notcve.org/view.php?id=CVE-2015-5697

The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call. Vulnerabilidad en la función get_bitmap en drivers/md/md.c en el kernel de Linux en versiones anteriores a 4.1.6, no inicializa una cierta estructura de datos de mapa de bits, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de una llamada a GET_BITMAP_FILE de ioctl . • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b6878d9e03043695dbf3fa1caa6dfc09db225b16 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163661.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163711.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164137.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164193.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-1333 – kernel: denial of service due to memory leak in add_key()

https://notcve.org/view.php?id=CVE-2015-1333

Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system calls that refer to existing keys. Vulnerabilidad de fuga de memoria en la función __key_link_end en security/kesy/keyring.c en el kernel de Linux en versiones anteriores a 4.1.4, permite a usuarios locales causar una denegación de servicio (consumo de memoria) a través de muchas llamadas al sistema add_key que hacen referencia a las claves existentes. It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the add_key() function. A local attacker could use this flaw to exhaust all available memory on the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca4da5dd1f99fe9c59f1709fb43e818b18ad20e0 http://rhn.redhat.com/errata/RHSA-2015-1778.html http://rhn.redhat.com/errata/RHSA-2015-1787.html http://www.debian.org/security/2015/dsa-3329 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 http://www.openwall.com/lists/oss-security/2015/07/27/7 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 6.9EPSS: 0%CPEs: 51EXPL: 1

CVE-2015-3214 – QEMU - Programmable Interrupt Timer Controller Heap Overflow

https://notcve.org/view.php?id=CVE-2015-3214

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index. Vulnerabilidad en pit_ioport_read en i8254.c en el kernel de Linux en versiones anteriores a 2.6.33 y en QEMU en versiones anteriores a 2.3.1, no distingue entre longitudes de lectura y longitudes de escritura, lo que podría permitir a los usuarios invitados del SO ejecutar código arbitrario en el host del SO desencadenando el uso de un índice no válido. An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pit_ioport_read() function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare cases, use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process. • https://www.exploit-db.com/exploits/37990 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924 http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33 http://rhn.redhat.com/errata/RHSA-2015-1507.html http://rhn.redhat.com/errata/RHSA-2015-1508.html http://rhn.redhat.com/errata/RHSA-2015-1512.html http://www.debian.org/security/2015/dsa-3348 http://www.openwall.com/lists/oss-security/2015/06/25/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0

CVE-2015-5157 – kernel: x86-64: IRET faults during NMIs processing

https://notcve.org/view.php?id=CVE-2015-5157

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. Vulnerabilidad en arch/x86/entry/entry_64.S en el kernel de Linux en versiones anteriores a 4.1.6 en la plataforma x86_64, no maneja correctamente los fallos IRET procesando NMIs que ocurrieron durante la ejecución en el espacio de usuario, lo que puede permitir a usuarios locales obtener privilegios mediante desencadenamiento de una NMI. A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b6e6a8334d56354853f9c255d1395c2ba570e0a http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html http://rhn.redhat.com • CWE-264: Permissions, Privileges, and Access Controls CWE-435: Improper Interaction Between Multiple Correctly-Behaving Entities •