CVSS: 6.1EPSS: 0%CPEs: 204EXPL: 0CVE-2014-8884 – kernel: usb: buffer overflow in ttusb-dec
https://notcve.org/view.php?id=CVE-2014-8884
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. Desbordamiento de buffer basado en pila en la función ttusbdecfe_dvbs_diseqc_send_master_cmd en drivers/media/usb/ttusb-dec/ttusbdecfe.c en el kernel de Linux anterior a 3.17.4 permite a usuarios locales causar una denegación de servicio (caída del sistema) o posiblemente ganar privilegios a través de una longitud de mensaje grande en una llamada ioctl. A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2e323ec96077642d397bb1c355def536d489d16 http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-0782.html http://rhn.redhat.com/errata/RHSA-2015-0864.html http://secunia.com/advisories/62305 http://www.debian.org/security/2014/dsa-3093 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/14/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7843
https://notcve.org/view.php?id=CVE-2014-7843
The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. La función __clear_user en arch/arm64/lib/clear_user.S en el kernel de Linux anterior a 3.17.4 en la plataforma ARM64 permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la lectura de un byte más allá del límite de página /dev/zero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97fc15436b36ee3956efad83e22a557991f7d19d http://secunia.com/advisories/62305 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/13/5 http://www.securityfocus.com/bid/71082 https://bugzilla.redhat.com/show_bug.cgi?id=1163744 https://github.com/torvalds/linux/commit/97fc15436b36ee3956efad83e22a557991f7d19d • CWE-17: DEPRECATED: Code •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2014-8709 – kernel: net: mac80211: plain text information leak
https://notcve.org/view.php?id=CVE-2014-8709
The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. La función ieee80211_fragment en net/mac80211/tx.c en el kernel de Linux anterior a 3.13.5 no mantiene debidamente cierto puntero de cola, lo que permite a atacantes remotos obtener información sensible en texto plano mediante la lectura de paquetes. An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338f977f4eb441e69bb9a46eaa0ac715c931a67f http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-1272.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeL • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2CVE-2014-8481
https://notcve.org/view.php?id=CVE-2014-8481
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. El decodificador de instrucciones en arch/x86/kvm/emulate.c en el subsistema KVM en el kernel de Linux anterior a 3.18-rc2 no maneja debidamente las instrucciones inválidas, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (referencia a puntero nulo y caída del sistema operativo anfitrión) a través de una aplicación manipulada que provoca (1) una instrucción traída indebidamente o (2) una instrucción que ocupa demasiados bytes. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-8480. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a430c9166312e1aa3d80bce32374233bdbfeba32 http://secunia.com/advisories/62042 http://thread.gmane.org/gmane.comp.emulators.kvm.devel/128427 http://www.openwall.com/lists/oss-security/2014/10/23/7 https://bugzilla.redhat.com/show_bug.cgi?id=1156615 https://github.com/torvalds/linux/commit/a430c9166312e1aa3d80bce32374233bdbfeba32 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2014-7826 – kernel: insufficient syscall number validation in perf and ftrace subsystems
https://notcve.org/view.php?id=CVE-2014-7826
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application. kernel/trace/trace_syscalls.c en el kernel de Linux hasta 3.17.2 no maneja debidamente los números privados de las llamadas al sistema durante el uso del subsistema ftrace, lo que permite a usuarios locales ganar privilegios o causar una denegación de servicio (referencia a puntero inválido) a través de una aplicación manipulada. An out-of-bounds memory access flaw, CVE-2014-7825, was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. Additionally, an out-of-bounds memory access flaw, CVE-2014-7826, was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=086ba77a6db00ed858ff07451bedee197df868c9 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2014-1943.html http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-0864.html http://www.openwall.com/lists/oss-security/2014/11/06/11 http:// • CWE-476: NULL Pointer Dereference •