Page 428 of 2849 results (0.022 seconds)

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this. Se ha detectado un error en el kernel de Linux en versiones anteriores a la 4.12 en la forma en la que el módulo KVM procesó el bit trap flag(TF) en EFLAGS durante la emulación de la instrucción de la llamada del sistema, lo que conduce a que se lance una excepción de depuración (#DB) en la pila invitada. Un usuario/proceso en un invitado podría utilizar este error para escalar sus privilegios en el invitado. • http://www.openwall.com/lists/oss-security/2017/06/23/5 http://www.securityfocus.com/bid/99263 http://www.securitytracker.com/id/1038782 https://access.redhat.com/articles/3290921 https://access.redhat.com/errata/RHSA-2018:0395 https://access.redhat.com/errata/RHSA-2018:0412 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518 https://usn.ubuntu.com/3619-1 https://usn.ubuntu.com/3619-2 https://usn.ubuntu.com/3754-1 https://www.debian.org/security&# • CWE-250: Execution with Unnecessary Privileges CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used. En fs/ocfs2/cluster/nodemanager.c en el kernel de Linux, en versiones anteriores a la 4.15, los usuarios locales pueden provocar una denegación de servicio (desreferencia de puntero NULL y error) debido a que no se emplea un mutex requerido. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=853bc26a7ea39e354b9f8889ae7ad1492ffa28d2 http://www.securityfocus.com/bid/103278 https://github.com/torvalds/linux/commit/853bc26a7ea39e354b9f8889ae7ad1492ffa28d2 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://usn.ubuntu.com/3776-1 https://usn.ubuntu.com/3776-2 https://usn.ubuntu.com/3798-1 https://usn.ubuntu.com/3798-2 https://www.debian.org/security/2018/dsa-4187 https://www.d • CWE-476: NULL Pointer Dereference •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c. El subsistema netfilter en el kernel de Linux, hasta la versión 4.15.7, gestiona de manera incorrecta el caso de una regla blob que contiene un salto pero carece de una cadena definida por el usuario. Esto permite que usuarios locales provoquen una denegación de servicio (DoS) aprovechando las capacidades CAP_NET_RAW o CAP_NET_ADMIN, relacionadas con arpt_do_table en net/ipv4/netfilter/arp_tables.c, ipt_do_table en net/ipv4/netfilter/ip_tables.c y ip6t_do_table en net/ipv6/netfilter/ip6_tables.c. A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 http://lists.openwall.net/netdev/2018/01/27/46 http://patchwork.ozlabs.org/patch/870355 http://www.securitytracker.com/id/1040446 https://access.redhat.com/errata/RHSA-2018:2948 https://bugzilla.redhat.com/show_bug.cgi?id=1547824 https://github.com/torvalds/linux/commit/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https: • CWE-476: NULL Pointer Dereference •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. El kernel de Linux, en versiones anteriores a la 4.11, es vulnerable a una desreferencia de puntero NULL en fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() que permite que un atacante que controla un servidor CIFS provoque un pánico en un cliente con el servidor montado, debido a que un campo TargetInfo en una respuesta de negociación de instalación NTLMSSP se gestiona de manera incorrecta durante la recuperación de sesión. A flaw was found in the Linux kernel's client-side implementation of the cifs protocol. This flaw allows an attacker controlling the server to kernel panic a client which has the CIFS server mounted. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cabfb3680f78981d26c078a26e5c748531257ebb http://www.securityfocus.com/bid/103378 https://bugzilla.redhat.com/show_bug.cgi?id=1539599 https://github.com/torvalds/linux/commit/cabfb3680f78981d26c078a26e5c748531257ebb https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://patchwork.kernel.org/patch/10187633 https://usn.ubuntu.com/3880-1 https:&#x • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. En el kernel de Linux en versiones anteriores a la 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51 y 3.2.102, un error en la función "_sctp_make_chunk()" (net/sctp/sm_make_chunk.c) al gestionar el tamaño de paquetes SCTP puede explotarse para provocar un cierre inesperado del kernel. An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS. • https://access.redhat.com/errata/RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0641 https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25 https://cdn.kernel.org/p • CWE-20: Improper Input Validation •