CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-10940 – kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c
https://notcve.org/view.php?id=CVE-2018-10940
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. La función cdrom_ioctl_media_changed en drivers/cdrom/cdrom.c en el kernel de Linux en versiones anteriores a la 4.16.6 permite que atacantes locales empleen una comprobación de límites incorrecta en el ioctl CDROM_MEDIA_CHANGED del controlador CDROM para leer la memoria del kernel. A flaw was found in the Linux kernel, before 4.16.6 where the cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de4ee40547fd315d4a0ed1dd15a2fa3559ad707 http://www.securityfocus.com/bid/104154 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://github.com/torvalds/linux/commit/9de4ee40547fd315d4a0ed1dd15a2fa3559ad707 https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html https://lists.debian.org/debian-lts-announce/2018/07/msg • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2018-1000199 – kernel: ptrace() incorrect error handling leads to corruption and DoS
https://notcve.org/view.php?id=CVE-2018-1000199
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. El kernel de Linux en su versión 3.18 contiene una vulnerabilidad de funcionalidad peligrosa en modify_user_hw_breakpoint() que puede resultar en un cierre inesperado y en una posible corrupción de memoria. El ataque parece ser explotable mediante la ejecución de código local y la capacidad de usar ptrace. • https://github.com/dsfau/CVE-2018-1000199 http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://www.securitytracker.com/id/1040806 https://access.redhat.com/errata/RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1345 https://access.redhat.com/errata/RHSA-2018:1347 https://access.redhat.com/errata/RHSA-2018:1348 https://access.redhat.com/errata/RHSA-2018:1354 https://access.redhat.com/errata/RHSA-2018:1355 https://access.redhat.com/err • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2018-10675 – kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact
https://notcve.org/view.php?id=CVE-2018-10675
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. La función do_get_mempolicy en mm/mempolicy.c en el kernel de Linux, en versiones anteriores a la 4.12.9, permite que los usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas. The do_get_mempolicy() function in mm/mempolicy.c in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service (DoS) or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73223e4e2e3867ebf033a5a8eb2e5df0158ccc99 http://www.securityfocus.com/bid/104093 https://access.redhat.com/errata/RHSA-2018:2164 https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2018:2785 https://access.redhat.com/errata/RHSA-2018:2791 https://access.redhat.com/errata/RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018& • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1108 – Linux RNG Flaws
https://notcve.org/view.php?id=CVE-2018-1108
kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. Los controladores de kernel, en versiones anteriores a la 4.17-rc1, son vulnerables a una debilidad en la implementación del kernel de Linux de datos de semilla aleatorios. Los programas, en un estado de arranque temprano, podrían emplear los datos asignados a la semilla antes de que se haya generado lo suficiente. There are several issues in drivers/char/random.c, in particular related to the behavior of the /dev/urandom RNG during and shortly after boot. • http://www.securityfocus.com/bid/104055 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1108 https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://usn.ubuntu.com/3718-1 https://usn.ubuntu.com/3718-2 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 https://www.debian.org/security/2018/dsa-4188 • CWE-330: Use of Insufficiently Random Values •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-10323
https://notcve.org/view.php?id=CVE-2018-10323
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. La función xfs_bmap_extents_to_btree en fs/xfs/libxfs/xfs_bmap.c en el kernel de Linux, hasta la versión 4.16.3, permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL en xfs_bmapi_write) mediante una imagen xfs manipulada. • http://www.securityfocus.com/bid/103959 https://bugzilla.kernel.org/show_bug.cgi?id=199423 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 https://usn.ubuntu.com/3754-1 https://usn.ubuntu.com/4486-1 https://www.debian.org/security/2018/dsa-4188 https://www.spinics.net/lists/linux-xfs/msg17254.html • CWE-476: NULL Pointer Dereference •