Page 467 of 2861 results (0.014 seconds)

CVSS: 4.7EPSS: 0%CPEs: 259EXPL: 0

CVE-2013-2899

https://notcve.org/view.php?id=CVE-2013-2899

drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device. drivers/hid/hid-picolcd_core.c en el subsistema Human Interface Device (HID) del kernel de Linux hasta la versión 3.11, cuando CONFIG_HID_PICOLCD está habilitado, permite físicamente a atacantes próximos causar una denegación de servicio (Referencia a puntero nulo y OOPS) a través de un dispositivo manipulado. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://marc.info/?l=linux-input&m=137772191714649&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://www.ubuntu.com/usn/USN-1995-1 http://www.ubuntu.com/usn/USN-1998-1 http://www.ubuntu.com/usn/USN-2019-1 http://www.ubuntu.com/usn/USN-2021-1 http://www.ubuntu.com/usn/USN-2022-1 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0

CVE-2013-2888 – Kernel: HID: memory corruption flaw

https://notcve.org/view.php?id=CVE-2013-2888

Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID. Multiples indices de array en drivers/hid/hid-core.c del subsistema Dispositivo de Interfaz Humano (HID) en el núcleo de Linux hasta 3.11, permite a atacantes físicos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria dinámica) a través de un dispositivo manipulado que proporcione un Report ID inválido • http://marc.info/?l=linux-input&m=137772180514608&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://rhn.redhat.com/errata/RHSA-2013-1490.html http://rhn.redhat.com/errata/RHSA-2013-1645.html http://www.debian.org/security/2013/dsa-2766 http://www.ubuntu.com/usn/USN-1976-1 http://www.ubuntu.com/usn/USN-1977-1 http://www.ubuntu.com/usn/USN-1995-1 http://www.ubuntu.com/usn/USN-1998-1 http://www.ubuntu.com/usn/USN-2019- • CWE-20: Improper Input Validation •

CVSS: 4.7EPSS: 0%CPEs: 259EXPL: 0

CVE-2013-2890

https://notcve.org/view.php?id=CVE-2013-2890

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. drivers/hid/hid-sony.c en el subsistema Human Interface Device (HID) en el kernel de Linux hasta la v3.11, cuando CONFIG_HID_SONY es activado, permite a atacantes físicamente próximos provocar una denegación de servicio (escritura fuera de límites basada en memoria dinámica) a través de un dispositivo manipulado. • http://marc.info/?l=linux-input&m=137772182814616&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.2EPSS: 0%CPEs: 259EXPL: 0

CVE-2013-2893 – Kernel: HID: LG: heap overflow flaw

https://notcve.org/view.php?id=CVE-2013-2893

The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c. El subsistema Human Interface Device (HID) en el núcleo de Linux hasta v3.11, cuando CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, o CONFIG_LOGIWHEELS_FF esta habilitado, permite a los atacantes físicamente próximos a provocar una denegación de servicio (escritura fuera de rango en la memoria dinámica) a través de un dispositivo manipulado, relacionado con (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, y (3) drivers/hid/hid-lg4ff.c. • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://marc.info/?l=linux-input&m=137772186714627&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://rhn.redhat.com/errata/RHSA-2013-1490.html http://www.securityfocus.com/bid/62050 http://www.ubuntu.com/usn/USN-2015-1 http://www.ubuntu.com/usn/USN-2016-1 http://www.ubuntu.com/usn/USN-2019-1 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 3.8EPSS: 0%CPEs: 255EXPL: 1

CVE-2013-2140

https://notcve.org/view.php?id=CVE-2013-2140

The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. La función dispatch_discard_io en drivers/block/xen-blkback/blkback.c en la implementación Xen blkback en el kernel de Linux anterior a v3.10.5 permite a usuarios invitados del sistema operativo provocar una denegación de servicio (pérdida de datos) a través de operaciones de escritura del sistema de ficheros en un disco de sólo lectura que soporte la funcionalidad BLKIF_OP_DISCARD (aka discard o TRIM) o SCSI UNMAP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=604c499cbbcc3d5fe5fb8d53306aa0fae1990109 http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-2140.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.5 http://www.openwall.com/lists/oss-security/2013/06/05/21 http://www.ubuntu.com/usn/USN-1938-1 http://www.ubuntu.com/usn/USN-1943-1 http://www.ubuntu.com/usn/USN-1944-1 http://www.ubuntu.com/usn/USN • CWE-20: Improper Input Validation •