Page 480 of 2741 results (0.023 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG). Se encontró un error en la función hugetlb_mcopy_atomic_pte en mm/hugetlb.c en el kernel de Linux en versiones anteriores a la 4.13.12. La falta de comprobación de tamaño podría provocar una denegación de servicio (error). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df https://access.redhat.com/security/cve/CVE-2017-15128 https://bugzilla.redhat.com/show_bug.cgi?id=1525222 https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG). Se encontró un error en la función hugetlb_mcopy_atomic_pte en mm/hugetlb.c en el kernel de Linux en versiones anteriores a la 4.13. Un desbloqueo superfluo implícito de página para la representación hugetlbfs de VM_SHARED podría desembocar una denegación de servicio local (error). A flaw was found in the Linux kernel when freeing pages in hugetlbfs. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995 http://www.securityfocus.com/bid/102517 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/security/cve/CVE-2017-15127 https://bugzilla.redhat.com/show_bug.cgi?id=1525218 https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995 • CWE-460: Improper Cleanup on Thrown Exception •

CVSS: 10.0EPSS: 91%CPEs: 66EXPL: 0

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. La función tcpmss_mangle_packet en net/netfilter/xt_TCPMSS.c en el kernel de Linux, en versiones anteriores a la 4.11 y en versiones 4.9.x anteriores a la 4.9.36, permite que atacantes remotos provoquen una denegación de servicio (uso de memoria previamente liberada y corrupción de memoria) o, posiblemente, otro tipo de impacto sin especificar aprovechando la presencia de xt_TCPMSS en una acción iptables. The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901 http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.html http://lists.opensuse.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure. Uso de memoria previamente liberada en la función usbtv_probe en drivers/media/usb/usbtv/usbtv-core.c en el kernel de Linux hasta la versión 4.14.10 permite que atacantes provoquen una denegación de servicio (cierre inesperado del sistema) o, posiblemente, causen otro tipo de impacto sin especificar desencadenando un error de registro de audio. Esto se debe a que un kfree de la estructura de datos usbtv ocurre durante una llamada usbtv_video_free, pero el código de la etiqueta usbtv_video_fail intenta acceder y liberar esta estructura de datos. • http://linuxtesting.org/pipermail/ldv-project/2017-November/001008.html http://www.securityfocus.com/bid/102330 https://usn.ubuntu.com/3653-1 https://usn.ubuntu.com/3653-2 https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https://usn.ubuntu.com/3656-1 https://usn.ubuntu.com/3657-1 https://www.debian.org/security/2018/dsa-4188 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. kernel/bpf/verifier.c en el kernel de Linux hasta la versión 4.14.8 ignora el código inalcanzable, incluso aunque sea procesado por compiladores en tiempo de ejecución o JIT. Este comportamiento, que también se considera un problema de lógica de poda de ramas incorrecta, podría ser utilizado por usuarios locales para provocar una denegación de servicio (DoS). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c131187db2d3fa2f8bf32fdf4e9a4ef805168467 http://www.securityfocus.com/bid/102325 http://www.securitytracker.com/id/1040057 https://anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patch?h=stretch-security https://github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467 https://usn.ubuntu.com/3619-1 https://usn.ubuntu.com/3619-2 https://usn.ubuntu.com/usn/ • CWE-20: Improper Input Validation •