CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6951 – kernel: NULL pointer dereference in keyring_search_aux function
https://notcve.org/view.php?id=CVE-2017-6951
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. La función keyring_search_aux en security/keys/keyring.c en el kernel de Linux hasta la versión 3.14.79 permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y OOPS) a través de una llamada al sistema request_key para el tipo "muerte". The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allows local users to cause a denial of service via a request_key system call for the "dead" key type. • http://www.securityfocus.com/bid/96943 http://www.spinics.net/lists/keyrings/msg01845.html http://www.spinics.net/lists/keyrings/msg01846.html http://www.spinics.net/lists/keyrings/msg01849.html https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2669 https://access.redhat.com/security/cve/CVE-2017-6951 https://bugzilla.redhat.com/show_bug.cgi?id=1433252 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0510
https://notcve.org/view.php?id=CVE-2017-0510
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32402555. • http://www.securityfocus.com/bid/96800 http://www.securitytracker.com/id/1037968 https://alephsecurity.com/2017/03/08/nexus9-fiq-debugger https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0527
https://notcve.org/view.php?id=CVE-2017-0527
An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33899318. • http://www.securityfocus.com/bid/96949 http://www.securitytracker.com/id/1037968 https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0452
https://notcve.org/view.php?id=CVE-2017-0452
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32873615. • http://www.securityfocus.com/bid/96836 http://www.securitytracker.com/id/1037968 https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0464
https://notcve.org/view.php?id=CVE-2017-0464
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32940193. • http://www.securityfocus.com/bid/96735 http://www.securitytracker.com/id/1037968 https://source.android.com/security/bulletin/2017-03-01 https://source.android.com/security/bulletin/2017-03-01.html https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=051597a4fe19fd1292fb7ea2e627d12d1fd2934f •