CVE-2017-15306 – Kernel: KVM: oops when checking KVM_CAP_PPC_HTM on PPC platform
https://notcve.org/view.php?id=CVE-2017-15306
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm. La función kvm_vm_ioctl_check_extension en arch/powerpc/kvm/powerpc.c en el kernel de Linux, en versiones anteriores a la 4.13.11, permite que los usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado del sistema) mediante una llamada ioctl KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM a /dev/kvm. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac64115a66c18c01745bbd3c47a36b124e5fd8c0 http://openwall.com/lists/oss-security/2017/11/06/6 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11 http://www.securityfocus.com/bid/101693 https://github.com/torvalds/linux/commit/ac64115a66c18c01745bbd3c47a36b124e5fd8c0 https://access.redhat.com/security/cve/CVE-2017-15306 https://bugzilla.redhat.com/show_bug.cgi?id=1510399 • CWE-476: NULL Pointer Dereference •
CVE-2017-16533
https://notcve.org/view.php?id=CVE-2017-16533
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. La función usbhid_parse en drivers/hid/usbhid/hid-core.c en el kernel de Linux, en versiones anteriores a la 4.13.8, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas. • http://www.securityfocus.com/bid/102026 https://github.com/torvalds/linux/commit/f043bfc98c193c284e2cd768fefabe18ac2fed9b https://groups.google.com/d/msg/syzkaller/CxkJ9QZgwlM/O3IOvAaGAwAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1 • CWE-125: Out-of-bounds Read •
CVE-2017-16529
https://notcve.org/view.php?id=CVE-2017-16529
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device. La función snd_usb_create_streams en sound/usb/card.c en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas. • http://www.securityfocus.com/bid/103284 https://github.com/torvalds/linux/commit/bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991 https://groups.google.com/d/msg/syzkaller/rDzv5RP_f2M/M5au06qmAwAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1 • CWE-125: Out-of-bounds Read •
CVE-2017-16526
https://notcve.org/view.php?id=CVE-2017-16526
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device. drivers/uwb/uwbd.c en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (fallo de protección general y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas. • https://github.com/torvalds/linux/commit/bbf26183b7a6236ba602f4d6a2f7cade35bba043 https://groups.google.com/d/msg/syzkaller/zROBxKXzHDk/5I6aZ3O2AgAJ https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://usn.ubuntu.com/3754-1 https://www.debian.org/security/2018/dsa-4187 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-16531
https://notcve.org/view.php?id=CVE-2017-16531
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor. drivers/usb/core/config.c en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas que utilizan un descriptor USB_DT_INTERFACE_ASSOCIATION. • http://www.securityfocus.com/bid/102025 https://github.com/torvalds/linux/commit/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb https://groups.google.com/d/msg/syzkaller/hP6L-m59m_8/Co2ouWeFAwAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •