CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-8962
https://notcve.org/view.php?id=CVE-2015-8962
16 Nov 2016 — Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call. Vulnerabilidad de liberación doble en la función sg_common_write en drivers/scsi/sg.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432 • CWE-415: Double Free •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-7912
https://notcve.org/view.php?id=CVE-2016-7912
16 Nov 2016 — Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call. Vulnerabilidad de uso después de liberación de memoria en la función ffs_user_copy_worker en drivers/usb/gadget/function/f_fs.c en el kernel de Linux en versiones anteriores a 4.5.3 permite a usuarios locales obtener privilegios accediendo a una estructura de datos I/O d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38740a5b87d53ceb89eb2c970150f6e94e00373a • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7913 – kernel: media: use-after-free in [tuner-xc2028] media driver
https://notcve.org/view.php?id=CVE-2016-7913
16 Nov 2016 — The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. La función xc2028_set_config en drivers/media/tuners/tuner-xc2028.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación de memoria) ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7915 – kernel: HID: core: prevent out-of-bound readings
https://notcve.org/view.php?id=CVE-2016-7915
16 Nov 2016 — The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver. La función hid_input_field en drivers/hid/hid-core.c en el kernel de Linux en versiones anteriores a 4.6 Permite que atacantes físicamente próximos obtengan información sensible de la memoria del núcleo o causen una dene... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=50220dead1650609206efe91f0cc116132d59b3f • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7911
https://notcve.org/view.php?id=CVE-2016-7911
16 Nov 2016 — Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call. Condición de carrera en la función get_task_ioprio en block/ioprio.c en el kernel de Linux en versiones anteriores a 4.6.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso posterior a la llamada) mediante una llamada manipulada al sistema ioprio_get. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7917
https://notcve.org/view.php?id=CVE-2016-7917
16 Nov 2016 — The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. La función nfnetlink_rcv_batch en net / netfilter / nfnetlink.c en el kernel de Linux en versiones anteriores a 4.5 no comprueba si el campo de longitud de un me... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7914 – kernel: assoc_array: don't call compare_object() on a node
https://notcve.org/view.php?id=CVE-2016-7914
16 Nov 2016 — The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite. La función assoc_array_insert_into_terminal_node en lib/assoc_array.c en el kernel de Linux en versi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 70%CPEs: 41EXPL: 62CVE-2016-5195 – Linux Kernel Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2016-5195
20 Oct 2016 — Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." La condición de carrera en mm / gup.c en el kernel de Linux 2.x a 4.x antes de 4.8.3 permite a los usuarios locales obtener privilegios aprovechando el manejo incorrecto de una función copy-on-write (COW) para escribir en un read- on... • https://github.com/dirtycow/dirtycow.github.io • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7097 – kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit
https://notcve.org/view.php?id=CVE-2016-7097
16 Oct 2016 — The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. La implementación del sistema de archivos en el kernel de Linux hasta la versión 4.8.2 preserva el bit setgid durante una llamada setxattr, lo que permite a usuarios locales obtener privilegios de grupo aprovechando la existencia de un programa setgid con res... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8658
https://notcve.org/view.php?id=CVE-2016-8658
16 Oct 2016 — Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket. Desbordamiento de búfer basado en pila en la función brcmf_cfg80211_start_ap en drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c en el kernel de Linux en versione... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ded89912156b1a47d940a0c954c43afbabd0c42c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •