Page 423 of 2856 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. La función xfs_bmap_extents_to_btree en fs/xfs/libxfs/xfs_bmap.c en el kernel de Linux, hasta la versión 4.16.3, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL en xfs_bmapi_write) mediante una imagen xfs manipulada. • http://www.securityfocus.com/bid/103959 https://bugzilla.kernel.org/show_bug.cgi?id=199423 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 https://usn.ubuntu.com/3754-1 https://usn.ubuntu.com/4486-1 https://www.debian.org/security/2018/dsa-4188 https://www.spinics.net/lists/linux-xfs/msg17254.html • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image. La función xfs_dinode_verify en fs/xfs/libxfs/xfs_inode_buf.c en el kernel de Linux, hasta la versión 4.16.3, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero inválido en xfs_ilock_attr_map_shared) mediante una imagen xfs manipulada. The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel can cause a NULL pointer dereference in xfs_ilock_attr_map_shared function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel panic and thus a denial of service. • http://www.securityfocus.com/bid/103960 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://bugzilla.kernel.org/show_bug.cgi?id=199377 https://usn.ubuntu.com/4578-1 https://usn.ubuntu.com/4579-1 https://www.spinics.net/lists/linux-xfs/msg17215.html https://access.redhat.com/security/cve/CVE-2018-10322 https://bugzilla.redhat.com/show_bug.cgi?id=1571623 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. La función udl_fb_mmap en drivers/gpu/drm/udl/udl_fb.c en el kernel de Linux en su versión 3.4 y hasta e incluyendo la versión 4.15 tiene una vulnerabilidad de desbordamiento de enteros que permite que usuarios locales con acceso al controlador udldrmfb obtengan permisos totales de lectura y escritura en páginas físicas del kernel, lo que resulta en la ejecución de código en el espacio del kernel. A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. • https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://patchwork.freedesktop.org/patch/211845 https://research.checkpoint.com/mmap-vulnerabilities-linux-kernel https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https://usn.ubuntu.com/3656-1 https://usn.ubuntu.com/3674-1 https://usn.ubuntu.com&#x • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER. La macro arch_timer_reg_read_stable en arch/arm64/include/asm/arch_timer.h en el kernel de Linux, en versiones anteriores a la 4.13, permite que usuarios locales provoquen una denegación de servicio (recursión infinita) escribiendo en un archivo en /sys/kernel/debug en ciertas circunstancias, tal y como se demuestra por un escenario que implica debugfs, ftrace, PREEMPT_TRACER y FUNCTION_GRAPH_TRACER. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4 https://github.com/torvalds/linux/commit/adb4f11e0a8f4e29900adb2b7af28b6bbd5c1fa4 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. La función kill_something_info en kernel/signal.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) mediante un argumento INT_MIN. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea77014af0d6205b05503d1c7aac6eace11d473 http://www.securitytracker.com/id/1040684 https://github.com/torvalds/linux/commit/4ea77014af0d6205b05503d1c7aac6eace11d473 https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://news.ycombinator.com/item?id=2972021 https://usn.ubuntu.com/3696-1 https://usn.ubuntu.com/3696-2 https://usn.ubuntu.com/3754-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •