CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5547
https://notcve.org/view.php?id=CVE-2017-5547
06 Feb 2017 — drivers/hid/hid-corsair.c in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/hid/hid-corsair.c en el kernel de Linux 4.9.x antes 4.9.6 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, lo que permite a usuarios locales provocar una denegación de ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d104af38b570d37aa32a5803b04c354f8ed513d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5549 – Ubuntu Security Notice USN-3208-2
https://notcve.org/view.php?id=CVE-2017-5549
06 Feb 2017 — The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log. La función klsi_105_get_line_state en drivers/usb/serial/kl5kusb105.c en el kernel de Linux en versiones anteriores a 4.9.5 coloca los contenidos de memoria de pila no inicializados en una entrada de registro sobre un fallo para le... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5577 – Ubuntu Security Notice USN-3333-1
https://notcve.org/view.php?id=CVE-2017-5577
06 Feb 2017 — The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call. La función vc4_get_bcl en drivers/gpc/drm/vc4/vc4_gem.c en el controlador VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 no establece un valor errno sobre ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b8ac63847bc2f958dd93c09edc941a0118992d9 • CWE-388: 7PK - Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2596 – Kernel: kvm: page reference leakage in handle_vmon
https://notcve.org/view.php?id=CVE-2017-2596
06 Feb 2017 — The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references. La función nested_vmx_check_vmptr en arch/x86/kvm/vmx.c en el kernel de Linux hasta la versión 4.9.8 emula indebidamente la instrucción VMXON, lo que permite a usuarios del SO invitado KVM L1 provocar una denegación de servicio (consu... • http://www.debian.org/security/2017/dsa-3791 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5328
https://notcve.org/view.php?id=CVE-2010-5328
06 Feb 2017 — include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group. include/linux/init_task.h en el kernel de Linux en versiones anteriores a 2.6.35 no impide que las señales con un ID de grupo de proceso de cero alcancen el proceso swapper, lo que permite a usuarios locales provocar una denegación de servicio (ca... • http://ftp.naist.jp/pub/linux/kernel/v2.6/ChangeLog-2.6.35 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10154
https://notcve.org/view.php?id=CVE-2016-10154
06 Feb 2017 — The smbhash function in fs/cifs/smbencrypt.c in the Linux kernel 4.9.x before 4.9.1 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a scatterlist. La función smbhash en fs/cifs/smbencrypt.c en el kernel de Linux 4.9.x en versiones anteriores a 4.9.1 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, que permi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=06deeec77a5a689cc94b21a8a91a76e42176685d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10208 – kernel: EXT4 memory corruption / SLAB out-of-bounds read
https://notcve.org/view.php?id=CVE-2016-10208
06 Feb 2017 — The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image. La función ext4_fill_super en fs/ext4/super.c en el kernel de Linux hasta la versión 4.9.8 no valida correctamente los grupos de bloque meta, lo que permite a atacantes físicamente próximos provocar una denegación de servicio (lectura fuera de lím... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a4b77cd47bb837b8557595ec7425f281f2ca1fe • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-10153
https://notcve.org/view.php?id=CVE-2016-10153
06 Feb 2017 — The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code. La API criptográfica de la lista de dispersión en el kernel de Linux 4.9.x en versiones anteriores a 4.9.6 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, lo que permite a usuarios locale... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5576 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-5576
06 Feb 2017 — Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call. Desbordamiento de enteros en la función vc4_get_bcl en drivers/gpu/drm/vc4/vc4_gem.c en el controlador de VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales provocar una denegación de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2ff82e11c86c05d051cae32b58226392d33bbf • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5550 – Ubuntu Security Notice USN-3361-1
https://notcve.org/view.php?id=CVE-2017-5550
06 Feb 2017 — Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision. Error por un paso en la función pipe_advance en lib/iov_iter.c en el kernel de Linux en versiones anteriores a 4.9.5 permite a usuarios locales obtener información sensible de posiciones de memoria dinámica no inicializadas e... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •