Page 489 of 4392 results (0.014 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor. drivers/usb/core/config.c en el kernel de Linux, en versiones anteriores a la 4.13.6, permite que los usuarios locales provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) o, posiblemente, causen otros impactos no especificados mediante llamadas del sistema manipuladas que utilizan un descriptor USB_DT_INTERFACE_ASSOCIATION. • http://www.securityfocus.com/bid/102025 https://github.com/torvalds/linux/commit/bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb https://groups.google.com/d/msg/syzkaller/hP6L-m59m_8/Co2ouWeFAwAJ https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://usn.ubuntu.com/3754-1 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The altivec_unavailable_exception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIG_ALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to cause a denial of service (panic) by triggering execution of an Altivec instruction. La función altivec_unavailable_exception en arch/powerpc/kernel/traps.c en el kernel de Linux en versiones anteriores a la 2.6.19 en sistemas de 64 bits gestiona de manera incorrecta el caso en el que se define CONFIG_ALTIVEC y la CPU es compatible con Altivec, pero esa compatibilidad no la detecta el kernel, lo que hace que los usuarios locales provoquen una denegación de servicio (pánico) desencadenando la ejecución de una instrucción de Altivec. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6c4841c2b6c32a134f9f36e5e08857138cc12b10 http://www.linuxgrill.com/anonymous/kernel/v2.6/ChangeLog-2.6.19 https://bugzilla.suse.com/show_bug.cgi?id=213229 https://github.com/torvalds/linux/commit/6c4841c2b6c32a134f9f36e5e08857138cc12b10 • CWE-19: Data Processing Errors •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346. net/packet/af_packet.c en versiones anteriores a la 4.13.6 del kernel de Linux permite que usuarios locales obtengan privilegios mediante llamadas manipuladas al sistema que dan lugar a una gestión incorrecta de las estructuras de datos packet_fanout. Esto se debe a una condición de carrera (que afecta a fanout_add y packet_do_bind) que da lugar a un uso de memoria previamente liberada. Esta vulnerabilidad es diferente de CVE-2017-6346. It was found that fanout_add() in 'net/packet/af_packet.c' in the Linux kernel, before version 4.13.6, allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free bug. • https://www.exploit-db.com/exploits/44053 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e http://patchwork.ozlabs.org/patch/813945 http://patchwork.ozlabs.org/patch/818726 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6 http://www.securityfocus.com/bid/101573 https://access.redhat.com/errata/RHSA- • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c. El subsistema x86/fpu (Floating Point Unit) en el kernel de Linux en versiones anteriores a la 4.13.5, cuando un procesador soporta la característica xsave pero no la xsaves, no gestiona correctamente los intentos de establecer bits reservados en la cabecera xstate mediante las llamadas de sistema ptrace() o rt_sigreturn(), lo que permite que usuarios locales lean los registros FPU de otros procesos en el sistema, relacionado con arch/x86/kernel/fpu/regset.c y arch/x86/kernel/fpu/signal.c. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=814fb7bb7db5433757d76f4c4502c96fc53b0b5e http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5 https://github.com/torvalds/linux/commit/814fb7bb7db5433757d76f4c4502c96fc53b0b5e https://source.android.com/security/bulletin/pixel/2018-01-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c. Condición de carrera en el subsistema ALSA en el kernel de Linux en versiones anteriores a la 4.13.8 permite que usuarios locales provoquen una denegación de servicio (uso de memoria previamente liberada) o posiblemente otro impacto mediante llamadas ioctl /dev/snd/seq ioctl manipuladas. Esto está relacionado con sound/core/seq/seq_clientmgr.c y sound/core/seq/seq_ports.c. A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user to exploit a race condition and create memory corruption or possibly privilege escalation. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026 http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 http://www.openwall.com/lists/oss-security/2017/10/11/3 http://www.securityfocus.com/bid/101288 http://www.securitytracker.com/id/1039561 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-201 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •