CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5576
https://notcve.org/view.php?id=CVE-2017-5576
06 Feb 2017 — Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call. Desbordamiento de enteros en la función vc4_get_bcl en drivers/gpu/drm/vc4/vc4_gem.c en el controlador de VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales provocar una denegación de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5549
https://notcve.org/view.php?id=CVE-2017-5549
06 Feb 2017 — The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log. La función klsi_105_get_line_state en drivers/usb/serial/kl5kusb105.c en el kernel de Linux en versiones anteriores a 4.9.5 coloca los contenidos de memoria de pila no inicializados en una entrada de registro sobre un fallo para le... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5328
https://notcve.org/view.php?id=CVE-2010-5328
06 Feb 2017 — include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group. include/linux/init_task.h en el kernel de Linux en versiones anteriores a 2.6.35 no impide que las señales con un ID de grupo de proceso de cero alcancen el proceso swapper, lo que permite a usuarios locales provocar una denegación de servicio (ca... • http://ftp.naist.jp/pub/linux/kernel/v2.6/ChangeLog-2.6.35 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5547
https://notcve.org/view.php?id=CVE-2017-5547
06 Feb 2017 — drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/hid/hid-corsair.c en el kernel de Linux 4.9.x antes 4.9.6 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, lo que permite a usuarios locales provocar una denegación de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d104af38b570d37aa32a5803b04c354f8ed513d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5546
https://notcve.org/view.php?id=CVE-2017-5546
06 Feb 2017 — The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a large value for a random number. La característica de freelist-randomization en mm/slab.c en el kernel 4.8.x de Linux y 4.9.x en versiones anteriores a 4.9.5 permite a usuarios locales provocar una denegación de ser... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4e490cf148e85ead0d1b1c2caaba833f1d5b29f •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10208 – kernel: EXT4 memory corruption / SLAB out-of-bounds read
https://notcve.org/view.php?id=CVE-2016-10208
06 Feb 2017 — The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image. La función ext4_fill_super en fs/ext4/super.c en el kernel de Linux hasta la versión 4.9.8 no valida correctamente los grupos de bloque meta, lo que permite a atacantes físicamente próximos provocar una denegación de servicio (lectura fuera de lím... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a4b77cd47bb837b8557595ec7425f281f2ca1fe • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5577
https://notcve.org/view.php?id=CVE-2017-5577
06 Feb 2017 — The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call. La función vc4_get_bcl en drivers/gpc/drm/vc4/vc4_gem.c en el controlador VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 no establece un valor errno sobre ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b8ac63847bc2f958dd93c09edc941a0118992d9 • CWE-388: 7PK - Errors •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-10153
https://notcve.org/view.php?id=CVE-2016-10153
06 Feb 2017 — The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code. La API criptográfica de la lista de dispersión en el kernel de Linux 4.9.x en versiones anteriores a 4.9.6 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, lo que permite a usuarios locale... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98 • CWE-399: Resource Management Errors •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2583 – Kernel: Kvm: vmx/svm potential privilege escalation inside guest
https://notcve.org/view.php?id=CVE-2017-2583
06 Feb 2017 — The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application. La implementación de load_segment_descriptor en arc/x86/kvm/emulate.c en el kernel de Linux en versiones anteriores a 4.9.5 emula indebidamente una instrucción "MOV SS, NULL selector", lo que permite a usuarios del SO invi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-5548
https://notcve.org/view.php?id=CVE-2017-5548
06 Feb 2017 — drivers/net/ieee802154/atusb.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/net/ieee802154/atusb.c en el kernel de Linux 4.9.x en versiones anteriores a 4.9.6 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, lo que permite a usuarios local... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05a974efa4bdf6e2a150e3f27dc6fcf0a9ad5655 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •