CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6951 – kernel: NULL pointer dereference in keyring_search_aux function
https://notcve.org/view.php?id=CVE-2017-6951
16 Mar 2017 — The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. La función keyring_search_aux en security/keys/keyring.c en el kernel de Linux hasta la versión 3.14.79 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y OOPS) a través de una llamada al sistema request_key para el tipo "muerte". The keyrin... • http://www.securityfocus.com/bid/96943 • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6874
https://notcve.org/view.php?id=CVE-2017-6874
14 Mar 2017 — Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts. Condición de carrera en kernel/ucount.c en el kernel de Linux hasta la versión 4.10.2 permite a usuarios locales provocar una denegación de servicio (uso después de liberación y caíd... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=040757f738e13caaa9c5078bca79aa97e11dde88 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0306
https://notcve.org/view.php?id=CVE-2017-0306
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0307
https://notcve.org/view.php?id=CVE-2017-0307
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33177895. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0333
https://notcve.org/view.php?id=CVE-2017-0333
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33899363. • http://www.securityfocus.com/bid/96723 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0334
https://notcve.org/view.php?id=CVE-2017-0334
08 Mar 2017 — An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33245849. • http://www.securitytracker.com/id/1037968 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0335
https://notcve.org/view.php?id=CVE-2017-0335
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33043375. • http://www.securityfocus.com/bid/96723 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0336
https://notcve.org/view.php?id=CVE-2017-0336
08 Mar 2017 — An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33042679. • http://www.securitytracker.com/id/1037968 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0337
https://notcve.org/view.php?id=CVE-2017-0337
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. • http://www.securityfocus.com/bid/96723 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0338
https://notcve.org/view.php?id=CVE-2017-0338
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. • http://www.securityfocus.com/bid/96723 •