Page 418 of 2885 results (0.020 seconds)

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. Se descubrió un problema en la función proc_pid_stack en fs/proc/base.c en el kernel de Linux hasta la versión 4.18.11. No asegura que solo root pueda inspeccionar la pila del kernel de una tarea arbitraria, lo que permite que un atacante local explote de forma arbitraria el proceso de marcha atrás en la pila a la hora de producirse una excepción (stack unwinding) y filtre el contenido de la pila de tareas del kernel. An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html http://www.securityfocus.com/bid/105525 https://access.redhat.com/errata/RHSA-2019:0512 https://access.redhat.com/errata/RHSA-2019:0514 https://access.redhat.com/errata/RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:2473 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https://lists.debian.org/debian-lts-ann • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2

An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. Se ha encontrado un error de desbordamiento de enteros en la función create_elf_tables() del kernel de Linux. Un usuario local sin privilegios con acceso al binario SUID (o a otro privilegiado) podría emplear este error para escalar sus privilegios en el sistema. • https://www.exploit-db.com/exploits/45516 http://www.openwall.com/lists/oss-security/2021/07/20/2 http://www.securityfocus.com/bid/105407 https://access.redhat.com/errata/RHSA-2018:2748 https://access.redhat.com/errata/RHSA-2018:2763 https://access.redhat.com/errata/RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2933 https://access.redhat.com/errata/RHSA- • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.3EPSS: 0%CPEs: 20EXPL: 0

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. • http://www.securityfocus.com/bid/105388 https://access.redhat.com/errata/RHSA-2018:3651 https://access.redhat.com/errata/RHSA-2018:3666 https://access.redhat.com/errata/RHSA-2019:1946 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14633 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=8c39e2699 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 4.8. La comprobación de acceso incorrecta de montajes de overlayfs podría ser empleada por los atacantes locales para modificar o truncar archivos en el sistema de archivos subyacente An issue was discovered in the Linux kernel where an incorrect access check in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.securityfocus.com/bid/105394 https://bugzilla.suse.com/show_bug.cgi?id=1106512 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862 https://seclists.org/bugtraq/2019/Jul/33 https://security.netapp.com/advisory/ntap-20190204-0001 https://support. • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. Se ha encontrado un error en la forma en la que el hipervisor KVM del kernel de Linux en versiones anteriores a la 4.18 emulaba instrucciones como sgdt/sidt/fxsave/fxrstor. No comprobó el nivel de privilegios actual (CPL) al emular instrucciones sin privilegios. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2020:0036 https://access.redhat.com/errata/RHSA-2020:0103 https://access.redhat.com/errata/RHSA-2020:0179 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10853 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=129a72a0d3c8e139a04512325384fe5ac119e • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •