Page 446 of 3174 results (0.020 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-7975 – Kernel: fs: umount denial of service

https://notcve.org/view.php?id=CVE-2014-7975

The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call. La función do_umount en fs/namespace.c en el kernel de Linux hasta 3.17 no requiere la capacidad CAP_SYS_ADMIN para llamadas do_remount_sb que cambian el sistema de ficheros root a sólo lectura, lo que permite a usuarios locales causar una denegación de servicio (pérdida de la habilidad de escritura) mediante la realización de ciertas llamadas a la liberación de sistemas, la limpieza del indicador / MNT_LOCKED, y la realización de una llamada al sistema umount MNT_FORCE. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5 http://secunia.com/advisories/60174 http://secunia.com/advisories/61145 http://secunia.com/advisories/62633 http://secunia.com/advisories/62634 http://thread.gmane.org/gmane.linux.kernel.stable/109312 http://www.openwall.com/lists/oss-security/2014/10/08/22 http://www.securityfocus.com/bid/70314 http://www.securitytracker.com/id/1031180 http://www.ubuntu.com/usn/US •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2014-7970 – Kernel: fs: VFS denial of service

https://notcve.org/view.php?id=CVE-2014-7970

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. La implementación pivot_root en fs/namespace.c en el kernel de Linux hasta 3.17 no interactúa debidamente con ciertas localizaciones de un directorio chroot, lo que permite a usuarios locales causar una denegación de servicio (bucle de montaje de árbol) a través de valores . (punto) en ambos argumentos en la llamada de sistema pivot_root. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://secunia.com/advisories/60174 http://secunia.com/advisories/61142 http://www.openwall.com/lists/oss-security/2014/10/08/21 http://www.securityfocus.com/bid/70319 http://www.securitytracker.com/id/1030991 http://www.spinics.net/lists/linux-fsdevel/msg79153.html http://www.ubuntu.com/usn/USN-2419-1 http://www.ubuntu.com/usn/USN-2420-1 http://www.ubuntu.com/usn/USN-2513-1 http: • CWE-400: Uncontrolled Resource Consumption •

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 1

CVE-2012-6657 – Kernel: net: guard tcp_set_keepalive against crash

https://notcve.org/view.php?id=CVE-2012-6657

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. La función sock_setsockopt en net/core/sock.c en el kernel de Linux anterior a 3.5.7 no asegura que una acción keepalive está asociada con un socket de flujo, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante el aprovechamiento de la habilidad de crear un socket en bruto. It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e10986d1d698140747fcfc2761ec9cb64c1d582 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://marc.info/?l=bugtraq&m=142722450701342&w=2 http://marc.info/?l=bugtraq&m=142722544401658&w=2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.7 http://www.openwall.com/lists/oss-security/2014/09&#x • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.1EPSS: 7%CPEs: 8EXPL: 3

CVE-2014-6418

https://notcve.org/view.php?id=CVE-2014-6418

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no valida debidamente las respuestas de autor válidas, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impacto no especificado a través de datos manipulados de la dirección IP de un monitor Ceph. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 http://tracker.ceph.com/issues/8979 http://tracker.ceph.com/issues/9561 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 http://www.openwall.com/lists/oss-security/2014/09/15/7 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN • CWE-399: Resource Management Errors •

CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-3184 – Kernel: HID: off by one error in various _report_fixup routines

https://notcve.org/view.php?id=CVE-2014-3184

The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. Las funciones report_fixup en el subsistema HID en el kernel de Linux anterior a 3.16.2 podrían permitir a atacantes físicamente próximos causar una denegación de servicio (escritura fuera de rango) a través de un dispositivo manipulado que proporciona un descriptor de informes pequeño, relacionado con (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, y (6) drivers/hid/hid-sunplus.c. Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ab25786c87eb20857bbb715c3ae34ec8fd6a214 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://rhn.redhat.com/errata/RHSA-2014-1318.html http://rhn.redhat.com/errata/RHSA&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •