CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2017-13715
https://notcve.org/view.php?id=CVE-2017-13715
The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet. función __skb_flow_dissect en net/core/flow_dissector.c en el kernel Linux en versiones anteriores a la 4.3 no garantiza que se inicialicen n_proto, ip_proto y thoff. Esto permite que atacantes remotos provoquen una denegación de servicio (bloqueo del sistema) o que ejecuten código arbitrario mediante un único paquete MPLS manipulado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6e544b0a88b53114bfa5a57e21b7be7a8dfc9d0 http://seclists.org/oss-sec/2017/q3/345 http://www.securityfocus.com/bid/100517 https://github.com/torvalds/linux/commit/a6e544b0a88b53114bfa5a57e21b7be7a8dfc9d0 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13693
https://notcve.org/view.php?id=CVE-2017-13693
The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ds_create_operands() en drivers/acpi/acpica/dsutils.c en el kernel Linux en su versión 4.12.9 no vacía la caché operand y provoca un volcado de pila de kernel, lo que permite que usuarios locales obtengan información sensible de la memoria del kernel y omitan el mecanismo de protección KASLR (en la versión 4.9 del kernel) mediante una tabla ACPI manipulada. • http://www.securityfocus.com/bid/100502 https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 https://patchwork.kernel.org/patch/9919053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13695
https://notcve.org/view.php?id=CVE-2017-13695
The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ns_evaluate() en drivers/acpi/acpica/nseval.c en el kernel Linux en su versión 4.12.9 no vacía la caché operativa y provoca un volcado de pila de kernel, lo que permite que usuarios locales obtengan información sensible de la memoria del kernel y omitan el mecanismo de protección KASLR (en la versión 4.9 del kernel) mediante una tabla ACPI manipulada. • http://www.securityfocus.com/bid/100497 https://github.com/acpica/acpica/pull/296/commits/37f2c716f2c6ab14c3ba557a539c3ee3224931b5 https://patchwork.kernel.org/patch/9850567 https://usn.ubuntu.com/3696-1 https://usn.ubuntu.com/3696-2 https://usn.ubuntu.com/3762-1 https://usn.ubuntu.com/3762-2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13694
https://notcve.org/view.php?id=CVE-2017-13694
The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table. La función acpi_ps_complete_final_op() en drivers/acpi/acpica/psobject.c en el kernel Linux en su versión 4.12.9 no vacía las cachés node y node_ext y provoca un volcado de pila de kernel, lo que permite que usuarios locales obtengan información sensible de la memoria del kernel y omitan el mecanismo de protección KASLR (en la versión 4.9 del kernel) mediante una tabla ACPI manipulada. • http://www.securityfocus.com/bid/100500 https://github.com/acpica/acpica/pull/278/commits/4a0243ecb4c94e2d73510d096c5ea4d0711fc6c0 https://patchwork.kernel.org/patch/9806085 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-10663
https://notcve.org/view.php?id=CVE-2017-10663
The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors. La función sanity_check_ckpt en fs/f2fs/super.c en el kernel Linux en versiones anteriores a la 4.12.4 no valida los arrays blkoff y segno, lo que permite que usuarios locales obtengan privilegios mediante vectores sin especificar. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15d3042a937c13f5d9244241c7a9c8416ff6e82a http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4 http://www.securityfocus.com/bid/100215 https://bugzilla.redhat.com/show_bug.cgi?id=1481149 https://github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a https://source.android.com/security/bulletin/2017-08-01 • CWE-129: Improper Validation of Array Index •