Page 421 of 2861 results (0.012 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-7550

https://notcve.org/view.php?id=CVE-2015-7550

The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel before 4.3.4 does not properly use a semaphore, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted application that leverages a race condition between keyctl_revoke and keyctl_read calls. La función keyctl_read_key en security/keys/keyctl.c en el kernel de Linux en versiones anteriores a 4.3.4 no utiliza adecuadamente un semáforo, lo que permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) o posiblemente tiene otro impacto no especificado a través de una aplicación manipulada que aprovecha una condición de carrera entre llamadas keyctl_revoke y keyctl_read. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b4a1b4f5047e4f54e194681125c74c0aa64d637d http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.debian.org/security/2016/dsa-3434 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.4 http://www.securityfocus.com/bid/79903 http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0

CVE-2015-7513

https://notcve.org/view.php?id=CVE-2015-7513

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions. arch/x86/kvm/x86.c en el kernel de Linux en versiones anteriores a 4.4 no reinicia los valores del contador PIT durante la restauración del estado, lo que permite a usuarios invitados del SO provocar una denegación de servicio (error de división por cero y caída del host del SO) a través del valor cero, relacionado con las funciones kvm_vm_ioctl_set_pit y kvm_vm_ioctl_set_pit2. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html http://www.debian.org/security/2016/dsa-3434 http://www.openwall.com/lists/oss-security/2016/01/07/2 http://www.securityfocus.com/bid/79901 ht • CWE-369: Divide By Zero •

CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-8569

https://notcve.org/view.php?id=CVE-2015-8569

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application. Las funciones (1) pptp_bind y (2) pptp_connect en drivers/net/ppp/pptp.c en el kernel de Linux hasta la versión 4.3.3 no verifican la longitud de una dirección, lo que permite a usuarios locales obtener información sensible de la memoria del kernel y eludir el mecanismo de protección KASLR a través de una aplicación manipulada. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ccfd238e5a0e670d8178cf50180ea81ae09ae1 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://twitter.com/grsecurity/statuses/676744240802750464 http://www.debian.org/security/2016/d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-7509 – kernel: Mounting ext2 fs e2fsprogs/tests/f_orphan as ext4 crashes system

https://notcve.org/view.php?id=CVE-2015-7509

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015. fs/ext4/namei.c en el kernel Linux en versiones anteriores a 3.7 permite a atacantes físicamente próximos provocar una denegación de servicio (caída del sistema) a través de un archivo de sistema no-journal manipulado, un problema relacionado con CVE-2013-2015. A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c9b92530a723ac5ef8e352885a1862b18f31b2f5 http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://rhn.redhat.com/errata/RHSA-2016-0855.html http://www.securitytracker.com/id/1034559 https://bugzilla.redhat.com/show_bug.cgi?id=1259222 https://bugzilla.su • CWE-20: Improper Input Validation CWE-250: Execution with Unnecessary Privileges •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-8374 – kernel: Information leak when truncating of compressed/inlined extents on BTRFS

https://notcve.org/view.php?id=CVE-2015-8374

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. fs/btrfs/inode.c en el kernel de Linux en versiones anteriores a 4.3.3 no maneja correctamente extensiones en línea comprimidas, lo que permite a usuarios locales obtener información sensible previa al truncamiento desde un archivo a través de una acción clone. An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an inline extent that was compressed. The data between the new file size and the old file size was not discarded and the number of bytes used by the inode were not correctly decremented, which gave the wrong report for callers of the stat(2) syscall. This wasted metadata space and allowed for the truncated data to be leaked, and data corruption or loss to occur. A caller of the clone ioctl could exploit this flaw by using only standard file-system operations without root access to read the truncated data. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0305cd5f7fca85dae392b9ba85b116896eb7c1c7 http://rhn.redhat.com/errata/RHSA-2016-2574.html http://rhn.redhat.com/errata/RHSA-2016-2584.html http://www.debian.org/security/2015/dsa-3426 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3 http://www.openwall.com/lists/oss-security/2015/11/27/2 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.oracle.co • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •