CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6348
https://notcve.org/view.php?id=CVE-2017-6348
01 Mar 2017 — The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices. La función hashben_delete en net/irda/irqueue.c en el kernel de Linux en versiones anteriores a 4.9.13 administra incorrectamente el soltado del bloqueo, lo que permite a usuarios locales provocar una denegación de servicio (punto muerto) a través de operaciones manipuladas en los disposi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c03b862b12f980456f9de92db6d508a4999b788 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6353
https://notcve.org/view.php?id=CVE-2017-6353
01 Mar 2017 — net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986. net/sctp/socket.c en el kernel de Linux en versiones hasta 4.10.1 no restringe adecuadamente las operaciones de despegue de la asociación durante varios estados de espera, l... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5669
https://notcve.org/view.php?id=CVE-2017-5669
24 Feb 2017 — The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context. La función do_shmat en ipc/shm.c en el kernel de Linux hasta la versión 4.9.12 no restringe la dirección calculada por cierta operación de redondeo, lo que permite a u... • http://www.debian.org/security/2017/dsa-3804 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2017-2618 – kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
https://notcve.org/view.php?id=CVE-2017-2618
23 Feb 2017 — A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. Se ha encontrado un fallo en el manejo del kernel de Linux para borrar los atributos SELinux de los ficheros /proc/pid/attr en versiones anteriores a la 4.9.10. Una escritura vacía (null) en este archivo puede cerrar de manera inesperada el sistema haciendo que el sistem... • http://www.securityfocus.com/bid/96272 • CWE-193: Off-by-one Error CWE-682: Incorrect Calculation •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-5897
https://notcve.org/view.php?id=CVE-2017-5897
23 Feb 2017 — The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. La función ip6gre_err en net/ipv6/ip6_gre.c en el kernel de Linux permite a atacantes remotos tener impacto no especificado a través de vectores involucrando indicadores GRE flags en un paquete IPv6, que desencadenan un acceso fuera de los límites. • http://www.debian.org/security/2017/dsa-3791 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2017-6214 – kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
https://notcve.org/view.php?id=CVE-2017-6214
23 Feb 2017 — The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. La función tcp_splice_read en net/ipv4/tcp.c en el kernel de Linux en versiones anteriores a 4.9.11 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y bloqueo débil) a través de vectores que involucran un paquete TCP con la bandera URG. A flaw was found in the ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8636
https://notcve.org/view.php?id=CVE-2016-8636
22 Feb 2017 — Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology. Desbordamiento de entero en la función mem_check_range en drivers/infiniband/sw/rxe/rxe_mr.c en el kernel de Linux en versiones a... • https://github.com/jigerjain/Integer-Overflow-test • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5986 – kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf
https://notcve.org/view.php?id=CVE-2017-5986
18 Feb 2017 — Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. Condición de carrera en la función sctp_wait_for_sndbuf en net/sctp/socket.c en el kernel de Linux en versiones anteriores a 4.9.11 permite a usuarios locales provocar una denegación de servicio (fallo de aserción y pánico) a través ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 4CVE-2017-6074 – Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
https://notcve.org/view.php?id=CVE-2017-6074
18 Feb 2017 — The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. La función dccp_rcv_state_process en net/dccp/input.c en el kernel de Linux hasta la versión 4.9.11 no maneja adecuadamente estructuras de paquetes de datos DCCP_PKT_REQUEST en el e... • https://www.exploit-db.com/exploits/41457 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6001 – kernel: Race condition between multiple sys_perf_event_open() calls
https://notcve.org/view.php?id=CVE-2017-6001
18 Feb 2017 — Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786. Condición de carrera en kernel/events/core.c en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=321027c1fe77f892f4ea07846aeae08cefbbb290 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •