CVSS: 7.0EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8543 – kernel: IPv6 connect causes DoS via NULL pointer dereference
https://notcve.org/view.php?id=CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application. La implementación de redes en el kernel de Linux hasta la versión 4.3.3, tal como se utiliza en Android y otros productos, no valida identificadores de protocolo para ciertas familias de protocolos, lo que permite a usuarios locales provocar una denegación de servicio (referencia a puntero de función NULL y caída de sistema) o posiblemente obtener privilegios mediante el aprovechamiento de soporte CLONE_NEWUSER para ejecutar una aplicación SOCK_RAW manipulada. A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://rhn.redhat.com/errata/RHSA-2016-0855.html http://rhn.redhat.com/errata/RHSA-2016-2574.html http://rhn.redhat.com/errata/RHSA-2016-2584.html http:// • CWE-476: NULL Pointer Dereference •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 4CVE-2013-7446
https://notcve.org/view.php?id=CVE-2013-7446
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. Vulnerabilidad de uso después de la liberación de la memoria en net/unix/af_unix.c en el kernel de Linux en versiones anteriores a 4.3.3 permite a usuarios locales eludir los permisos destinados al socket AF_UNIX o provocar una denegación de servicio (panic) a través de llamadas epoll_ctl manipuladas. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html http://lists.opensuse.org •
CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7884
https://notcve.org/view.php?id=CVE-2015-7884
The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. La función vivid_fb_ioctl en drivers/media/platform/vivid/vivid-osd.c en el kernel de Linux hasta la versión 4.3.3 no inicializa cierto miembro de estructura, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de una aplicación manipulada. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html http://www.openwall.com/lists/oss-security/2015/10/21/8 http://www.securityfocus.com/bid/77317 http://www.securitytracker.com/id/1034893 http://www.ubuntu.com/usn/USN-2842-1 http://www.ubuntu.com/usn/USN-2842-2 http://www.ubuntu.com/usn/USN-2843-1 http://www.ubuntu.com/usn/USN&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7885
https://notcve.org/view.php?id=CVE-2015-7885
The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. La función dgnc_mgmt_ioctl en drivers/staging/dgnc/dgnc_mgmt.c en el kernel de Linux hasta la versión 4.3.3 no inicializa cierto miembro de estructura, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de una aplicación manipulada. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05 http://www.openwall.com/lists/oss-security/2015/10/21/8 http://www.securityfocus.com/bid/77317 http://www.securitytracker.com/id/1034896 http://www.ubuntu.com/usn/USN-2841-1 http://www.ubuntu.com/usn/USN-2841-2 http://www.ubuntu.com/usn/USN-2842-1 http://www.ubuntu.com/usn/USN-2842-2 http://www.ubuntu.com/usn/USN-2843-1 http://www.ubun • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2015-4170 – kernel: pty layer race condition on tty ldisc shutdown.
https://notcve.org/view.php?id=CVE-2015-4170
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread. Condición de carrera en la función ldsem_cmpxchg en drivers/tty/tty_ldsem.c en el kernel de Linux en versiones anteriores a 3.13-rc4-next-20131218 permite a usuarios locales provocar una denegación de servicio (interbloqueo de ldsem_down_read y ldsem_down_write) estableciendo un nuevo hilo tty durante la desconexión de un hilo tty previo. A flaw was discovered in the way the Linux kernel's TTY subsystem handled the tty shutdown phase. A local, unprivileged user could use this flaw to cause denial of service on the system by holding a reference to the ldisc lock during tty shutdown, causing a deadlock. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cf872776fc84128bb779ce2b83a37c884c3203ae http://www.openwall.com/lists/oss-security/2015/05/26/1 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/74820 https://access.redhat.com/errata/RHSA-2016:1395 https://bugzilla.redhat.com/show_bug.cgi?id=1218879 https://github.com/torvalds/linux/commit/cf872776fc84128bb779ce2b83a37c884c3203ae https://www.kernel.org/pub/linu • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-667: Improper Locking •