Page 467 of 2604 results (0.015 seconds)

CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 1

CVE-2014-1739 – Linux Kernel 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure

https://notcve.org/view.php?id=CVE-2014-1739

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioctl call. La función media_device_enum_entities en drivers/media/media-device.c en el kernel de Linux anterior a 3.14.6 no inicializa cierta estructura de datos, lo que permite a usuarios locales obtener información sensible de la memoria del kernel mediante el aprovechamiento del acceso a lectura /dev/media0 para una llamada MEDIA_IOC_ENUM_ENTITIES ioctl. An information leak flaw was found in the way the Linux kernel handled media device enumerate entities IOCTL requests. A local user able to access the /dev/media0 device file could use this flaw to leak kernel memory bytes. • https://www.exploit-db.com/exploits/39214 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e6a623460e5fc960ac3ee9f946d3106233fd28d8 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://secunia.com/advisories/59597 http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-4171 – Kernel: mm/shmem: denial of service

https://notcve.org/view.php?id=CVE-2014-4171

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended shmem activity by blocking completion of (1) an MADV_REMOVE madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call. mm/shmem.c en el kernel de Linux hasta 3.15.1 no implementa debidamente la interacción entre la notificación del rango y la creación de agujeros, lo que permite a usuarios locales causar una denegación de servicio (apropiación del i_mutex) mediante la llamada de sistema mmap para acceder a un agujero, tal y como fue demostrado mediante la interferencia con la actividad shmem intencionada a través del bloqueo del completado de (1) una llamada MADV_REMOVE madvise o (2) una llamada FALLOC_FL_PUNCH_HOLE fallocate. A race condition flaw was found in the way the Linux kernel's mmap(2), madvise(2), and fallocate(2) system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://marc.info/?l=linux-mm-commits&m=140303745420549&w=2 http://ozlabs.org/~akpm/mmots/broken-out/shmem-fix-faulting-into-a-hole-while-its-punched.patch http://rhn.redhat.com/errata/RHSA-2014-1318.html http://rhn.redhat.com/errata/RHSA-2015-0102.html http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http& •

CVSS: 2.3EPSS: 0%CPEs: 35EXPL: 0

CVE-2014-4027 – Kernel: target/rd: imformation leakage

https://notcve.org/view.php?id=CVE-2014-4027

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator. La función rd_build_device_space en drivers/target/target_core_rd.c en el kernel de Linux anterior a 3.14 no inicializa debidamente cierta estructura de datos, lo que permite a usuarios locales obtener información sensible de la memoria ramdisk_mcp mediante el aprovechamiento del acceso a un iniciador SCSI. An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) backend driver of the iSCSI Target subsystem of the Linux kernel. A privileged user could use this flaw to leak the contents of kernel memory to an iSCSI initiator remote client. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618 http://secunia.com/advisories/59134 http://secunia.com/advisories/59777 http://secunia.com/advisories/60564 http://secunia.com/advisories/61310 http://www.openwall. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-4508 – Kernel: x86_32: BUG in syscall auditing

https://notcve.org/view.php?id=CVE-2014-4508

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000. arch/x86/kernel/entry_32.S en el kernel de Linux hasta 3.15.1 en plataformas de 32-bit x86, cuando la auditoria de llamadas de sistema está habilitada y la etiqueta de la funcionalidad de la CPU sep está configurada, permite a usuarios locales causar una denegación de servicio (OOPS y caída del sistema) a través de un número de llamada de sistema inválido, tal y como fue demostrado por el número 1000. A flaw was found in the Linux kernel’s system-call auditing support(CONFIG_AUDITSYSCALL) for 32-bit platforms. It is vulnerable to a crash caused by erroneous handling of bad system call numerals. This issue occurs during syscall(2) calls if system-call auditing is enabled on the system. This flaw allows an unprivileged user or process to crash the system kernel, resulting in a denial of service. • http://article.gmane.org/gmane.linux.kernel/1726110 http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://openwall.com/lists/oss-security/2014/06/20/1 http://secunia.com/advisories/58964 http://secunia.com/advisories/60564 http://www.openwall.com/lists/oss-security/2014/06/20/10 http://www.openwall.com&# • CWE-189: Numeric Errors CWE-391: Unchecked Error Condition •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 2

CVE-2014-4014 – Linux Kernel 3.13 - SGID Privilege Escalation

https://notcve.org/view.php?id=CVE-2014-4014

The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root. La implementación de capacidades en el kernel de Linux anterior a 3.14.8 no considera debidamente que los espacios de nombres no sean aplicables a inodos, lo que permite a usuarios locales evadir restricciones chmod mediante la creación anterior de un espacio de nombre de usuario, tal y como fue demostrado mediante la configuración del bit setgid en un fichero con propiedad de grupo del root. • https://www.exploit-db.com/exploits/33824 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=23adbe12ef7d3d4195e80800ab36b37bee28cd03 http://secunia.com/advisories/59220 http://www.exploit-db.com/exploits/33824 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8 http://www.openwall.com/lists/oss-security/2014/06/10/4 http://www.securityfocus.com/bid/67988 http://www.securitytracker.com/id/1030394 https://bugzilla.redhat.com/show_ • CWE-264: Permissions, Privileges, and Access Controls •