Page 449 of 2775 results (0.020 seconds)

CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.” ** EN DISPUTA ** Se detectó un problema en el kernel de Linux versiones hasta 5.6.2. La función mpol_parse_str en el archivo mm/mempolicy.c presenta una escritura fuera de límites en la región stack de la memoria porque una lista de nodos vacía es manejada inapropiadamente durante el análisis de la opción de montaje, también se conoce como CID-aa9f7d5172fa. NOTA: Alguien en la comunidad de seguridad no está de acuerdo en que se trata de una vulnerabilidad porque el problema "es un error en el análisis de las opciones de montaje que sólo puede ser especificado por un usuario privilegiado, por lo que la activación del error no otorga ningún poder que no se tenga ya". An out-of-bounds write flaw was found in the Linux kernel. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://usn.ubuntu.com/4363-1 https://usn.ubuntu.com/4364-1 https://usn.ubuntu.com/4367-1 https:&# • CWE-787: Out-of-bounds Write •

CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4. Se detectó un problema en la función slc_bump en el archivo drivers/net/can/slcan.c en el kernel de Linux versión 3.16 hasta la versión 5.6.2. Permite a atacantes leer datos de can_frame no inicializados, conteniendo potencialmente información confidencial de la memoria de la pila del kernel, si la configuración carece de CONFIG_INIT_STACK_ALL, también se conoce como CID-b9258a2cece4 • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html http://packetstormsecurity.com/files/159565/Kernel-Live-Patch-Security-Notice-LSN-0072-1.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=08fadc32ce6239dc75fd5e869590e29bc62bbc28 https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debi • CWE-908: Use of Uninitialized Resource CWE-909: Missing Initialization of Resource •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 1

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. En el kernel de Linux versiones anteriores a 5.5.8, la función get_raw_socket en el archivo drivers/vhost/net.c carece de una comprobación de un campo sk_family, que podría permitir a atacantes desencadenar una corrupción de pila del kernel por medio de llamadas de sistema diseñadas. A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ictol(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the '/dev/vhost-net' device may use this flaw to crash the kernel resulting in DoS issue. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html http://www.openwall.com/lists/oss-security/2020/04/15/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8 https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lkml.org/lkm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. Se detectó un problema en el kernel de Linux versión 3.16 hasta la versión 5.5.6. La función set_fdc en el archivo drivers/block/floppy.c, conlleva a una lectura fuera de límites de wait_til_ready porque el índice FDC no es comprobado para errores antes de asignarlos, también se conoce como CID-2e90ca68b0d2 An out-of-bounds (OOB) memory access flaw was found in the floppy driver module in the Linux kernel. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2f9ac30a54dc0181ddac3705cdcf4775d863c530 https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap& • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. La función ext4_protect_reserved_inode en el archivo fs/ext4/block_validity.c en el kernel de Linux versiones hasta 5.5.3, permite a atacantes causar una denegación de servicio (soft lockup) por medio de un journal size diseñado. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://patchwork.ozlabs.org/patch/1236118 https://security.netapp.com/advisory/ntap-20200313-0003 https://usn.ubuntu.com/4318-1 https://usn.ubuntu.com/4324-1 https://usn.ubuntu.com/4342-1 https://usn.ubuntu.com/4344-1 https://usn.ubuntu.com/4419-1 • CWE-400: Uncontrolled Resource Consumption CWE-834: Excessive Iteration •