CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8324 – kernel: Null pointer dereference when mounting ext4
https://notcve.org/view.php?id=CVE-2015-8324
02 May 2016 — The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. La implementación de ext4 en el kernel de Linux en versiones anteriores a 2.6.34 no rastrea correctamente la inicalización de determinadas estructuras de datos, lo que permite a atacantes físicamente próxim... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2012-6689 – libmnl: incorrect validation of netlink message origin allows attackers to spoof netlink messages
https://notcve.org/view.php?id=CVE-2012-6689
02 May 2016 — The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages. La función netlink_sendmsg en net/netlink/af_netlink.c en el kernel de Linux en versiones anteriores a 3.5.5 no valida el campo dst_pid, lo que permite a usuarios locales tener un impacto no especificado suplantando mensajes Netlink. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-7316
https://notcve.org/view.php?id=CVE-2008-7316
02 May 2016 — mm/filemap.c in the Linux kernel before 2.6.25 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers an iovec of zero length, followed by a page fault for an iovec of nonzero length. mm/filemap.c en el kernel de Linux en versiones anteriores a 2.6.25 permite a usuarios locales provocar una denegación de servicio (bucle infinito) a través de una llamada a sistema writev que desencadena un iovec de longitud cero, seguido por un fallo de página para un iovec de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=124d3b7041f9a0ca7c43a6293e1cae4576c32fd5 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 1%CPEs: 9EXPL: 1CVE-2015-7515 – Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'aiptek' Nullpointer Dereference
https://notcve.org/view.php?id=CVE-2015-7515
27 Apr 2016 — The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints. La función aiptek_probe en drivers/input/tablet/aiptek.c en el Kernel de Linux en versiones anteriores a 4.4 permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) a través de un dispositivo USB ... • https://www.exploit-db.com/exploits/39544 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-8845 – kernel: incorrect restoration of machine specific registers from userspace
https://notcve.org/view.php?id=CVE-2015-8845
27 Apr 2016 — The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. La función tm_reclaim_thread en arch/powerpc/kernel/process.c en el Kernel de Linux en versiones anteriores a 4.4.1 sobre plataformas powerpc no asegura que exista el modo TM suspend antes de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142 • CWE-284: Improper Access Control CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8844 – kernel: incorrect restoration of machine specific registers from userspace
https://notcve.org/view.php?id=CVE-2015-8844
27 Apr 2016 — The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. La implementación de signal en el Kernel de Linux en versiones anteriores a 4.3.5 sobre plataformas powerpc no verifica que exista un MSR con los bits S y T establecidos, lo que permite a usuarios locales provocar una denegación de servicio (excepción TM Bad... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d2b9d2a5ad5ef04ff978c9923d19730cb05efd55 • CWE-20: Improper Input Validation CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2016-3156 – kernel: ipv4: denial of service when destroying a network interface
https://notcve.org/view.php?id=CVE-2016-3156
27 Apr 2016 — The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses. La implementación IPv4 en el kernel de Linux en versiones anteriores a 4.5.2 no maneja adecuadamente la destrucción de objetos de dispositivo, lo que permite a usuarios del SO invitado provocar una denegación de servicio (corte de la red del sistema operativo anfitrión) disponie... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbd40ea0180a2d328c5adc61414dc8bab9335ce2 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2016-2143 – kernel: Fork of large process causes memory corruption
https://notcve.org/view.php?id=CVE-2016-2143
27 Apr 2016 — The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. La implementación fork en el kernel de Linux en versiones anteriores a 4.5 en la plataforma s390 no maneja correctamente el caso de los cuatro niveles de la tabla de pági... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2015-1339 – openSUSE Security Advisory - openSUSE-SU-2016:1008-1
https://notcve.org/view.php?id=CVE-2015-1339
12 Apr 2016 — Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times. Fuga de memoria en la función cuse_channel_release en fs/fuse/cuse.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales provocar una denegación de servicio (consumo de memoria) o posiblemente tener otro impacto no especificado abriendo /dev/c... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c5816b4beccc8ba709144539f6fdd764f8fa49c • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1604 – openSUSE Security Advisory - openSUSE-SU-2016:1008-1
https://notcve.org/view.php?id=CVE-2003-1604
12 Apr 2016 — The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787. La función redirect_target en net/ipv4/netfilter/ipt_REDIRECT.c en el kernel de Linux en versiones anteriores a 2.6.0 permite a atacantes remotos to provocar una denegación de servicio (referencia a puntero NULL y OOPS) envi... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html •