CVSS: 4.7EPSS: 0%CPEs: 269EXPL: 1CVE-2013-6431 – kernel: net: fib: fib6_add: potential NULL pointer dereference
https://notcve.org/view.php?id=CVE-2013-6431
The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for an IPv6 SIOCADDRT ioctl call. La función fib6_add en net/ipv6/ip6_fib.c en el kernel de Linux anterior a 3.11.5 no implementa correctamente la codificación de código de error, lo que permite a usuarios locales provocar una denegación de servicio (referencia a un puntero NULL y caída del sistema) mediante el aprovechamiento de la capacidad CAP_NET_ADMIN de una llamada IPv6 SIOCADDRT ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html http://rhn.redhat.com/errata/RHSA-2014-0100.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.5 http://www.openwall.com/lists/oss-security/2013/12/06/5 https://bugzilla.redhat.com/show_bug.cgi?id=1039054 https://github.com/torvalds/linux/commit/ae7b4e1f213aa659aedf9c6ecad0bf5f0476e1e2& • CWE-264: Permissions, Privileges, and Access Controls CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 284EXPL: 1CVE-2013-6432
https://notcve.org/view.php?id=CVE-2013-6432
The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application. La función ping_recvmsg en net/ipv4/ping.c en Linux kernel anterior a v3.12.4 no interactúa correctamente con la syscall read en socket ping, lo que permite a usuarios locales provocar una denegación de servicio (referencia a un puntero NULL y caída del sistema) aprovechando privilegios no especificados para ejecutar una aplicación manipulada. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cf970c002d270c36202bd5b9c2804d3097a52da0 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4 http://www.openwall.com/lists/oss-security/2013/12/06/6 http://www.ubuntu.com/usn/USN-2113-1 http://www.ubuntu.com/usn/USN-2117-1 https://bugzilla.redhat.com/show_bug.cgi?id=1039046 https://github.com/torvalds/ •
CVSS: 3.3EPSS: 0%CPEs: 274EXPL: 0CVE-2013-2929 – kernel: exec/ptrace: get_dumpable() incorrect tests
https://notcve.org/view.php?id=CVE-2013-2929
The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. El kernel Linux anterior a 3.12.2 no utiliza apropiadamente la función get_dumpable, lo que permite a usuarios locales sortear restricciones ptrace u obtener información sensible de los registros IA64 a través de una aplicación manipulada, relacionado con kernel/ptrace.c y arch/ia64/include/asm/processor.h A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d049f74f2dbe71354d43d393ac3a188947811348 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2014-0100.html http://rhn.redhat.com/errata/RHSA-2014-0159.html http://rhn.redhat.com/errata/RHSA-2014-0285.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2 http: • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 269EXPL: 1CVE-2013-4270 – kernel: net: permissions flaw in /proc/sys/net
https://notcve.org/view.php?id=CVE-2013-4270
The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application. La función net_ctl_permissions en net/sysctl_net.c en el kernel Linux anteriores a 3.11.5 no determina apropiadamente valores uid y gid, lo que permite a usuarios locales franquear restricciones /proc/sys/net a traves de una aplicación manipulada. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2433c8f094a008895e66f25bd1773cdb01c91d01 http://rhn.redhat.com/errata/RHSA-2014-0100.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.11.5 http://www.ubuntu.com/usn/USN-2049-1 https://bugzilla.redhat.com/show_bug.cgi?id=1027752 https://github.com/torvalds/linux/commit/2433c8f094a008895e66f25bd1773cdb01c91d01 https://access.redhat.com/security/cve/CVE-2013-4270 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 274EXPL: 1CVE-2013-6382
https://notcve.org/view.php?id=CVE-2013-6382
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. Múltiples desbordamientos de búfer en la implementación XFS del kernel de Linux hasta la versión 3.12.1 permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto sin especificar mediante el aprovechamiento de la capacidad CAP_SYS_ADMIN para una llamada ioctl en (1) XFS_IOC_ATTRLIST_BY_HANDLE o (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 con un valor de longitud manipulado, relacionado con la función xfs_attrlist_by_handle en fs/xfs/xfs_ioctl.c y la función xfs_compat_attrlist_by_handle en fs/xfs/xfs_ioctl32.c. • http://www.openwall.com/lists/oss-security/2013/11/22/5 http://www.securityfocus.com/bid/63889 http://www.spinics.net/lists/xfs/msg23343.html http://www.ubuntu.com/usn/USN-2109-1 http://www.ubuntu.com/usn/USN-2110-1 http://www.ubuntu.com/usn/USN-2113-1 http://www.ubuntu.com/usn/USN-2117-1 http://www.ubuntu.com/usn/USN-2128-1 http://www.ubuntu.com/usn/USN-2129-1 http://www.ubuntu.com/usn/USN-2135-1 http://www.ubuntu.com/u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •