Page 438 of 3260 results (0.022 seconds)

CVSS: 7.8EPSS: 22%CPEs: 14EXPL: 0

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, no considera adecuadamente ceder un procesador, lo que permite a atacantes remotos causar una denegación de servicio (colgado del sistema) a través de sumas de comprobación incorrectas dentro de una inundación de paquetes UDP. A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse&# • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. Vulnerabilidad en la función kvm_apic_has_events en arch/x86/kvm/lapic.h en el Kernel de Linux hasta la versión 4.1.3, permite a usuarios locales causar una denegación de servicio (mediante la referencia a un puntero NULO y una caída del sistema) o posiblemente tener otro impacto no especificado a través del aprovechamiento de acceso a /dev/kvm para una llamada ioctl. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://www.debian.org/security/2015/dsa-3329 http://www.openwall.com/lists/oss-securit •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory. La función tty_open en drivers/tty/tty_io.c en el kernel de Linux en versiones anteriores a 3.1.1 no maneja adecuadamente un fallo de búsqueda de controlador, lo que permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) o posiblemente tener otro impacto no especificado a través de acceso manipulado a un archivo de dispositivo bajo el directorio /dev/pts. A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 http://rhn.redhat.com/errata/RHSA-2015-1221.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.1 http://www.openwall.com/lists/oss-security/2015/03/13/17 https://bugzilla.redhat.com/show_bug.cgi?id=1201887 https://github.com/torvalds/linux/commit/c290f8358acaeffd8e0c551ddcc24d1206143376 https://access.redhat.com/security/cve/CVE-2011-5321 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. Vulnerabilidad en la función bpf_int_jit_compile en arch/x86/net/bpf_jit_comp.c en el kernel de Linux en versiones anteriores a 4.0.6, permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la creación de un filtro de paquetes y después cargando instrucciones BPF manipuladas que desencadenan la convergencia tardía por el compilador JIT. A flaw was found in the kernel's implementation of the Berkeley Packet Filter (BPF). A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html http://lists.opensuse.org • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. La función nft_flush_table en net/netfilter/nf_tables_api.c en el kernel de Linux en versiones anteriores a 3.18.5 no maneja adecuadamente la interacción entre saltos cross-chain y borrado de conjuntos de reglas, lo que permite a usuarios locales provocar una denegación de servicio (pánico) aprovechando la capacidad CAP_NET_ADMIN. A flaw was found in the way the nft_flush_table() function of the Linux kernel's netfilter tables implementation flushed rules that were referencing deleted chains. A local user who has the CAP_NET_ADMIN capability could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac http://rhn.redhat.com/errata/RHSA-2015-1137.html http://rhn.redhat.com/errata/RHSA-2015-1138.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5 http://www.openwall.com/lists/oss-security/2015/02/10/13 http://www.securityfocus.com/bid/72552 https://bugzilla.redhat.com/show_bug.cgi?id=1190966 https://github.com/torvalds/linux/commit/a2f18db0c68fec9 • CWE-19: Data Processing Errors CWE-416: Use After Free •