Page 496 of 2515 results (0.029 seconds)

CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 2

CVE-2020-12826 – kernel: possible to send arbitrary signals to a privileged (suidroot) parent process

https://notcve.org/view.php?id=CVE-2020-12826

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat. Se detectó un problema de control de acceso de señal en el kernel de Linux versiones anteriores a 5.6.5, se conoce como CID-7395ea4e65c2. • https://bugzilla.redhat.com/show_bug.cgi?id=1822077 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5 https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.openwall.net/linux-kernel/2020/03/24/1803 https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4367-1 https://u • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2020-12768

https://notcve.org/view.php?id=CVE-2020-12768

An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will ** EN DISPUTA ** Se detectó un problema en el kernel de Linux versiones anteriores a 5.6. La función svm_cpu_uninit en el archivo arch/x86/kvm/svm.c, presenta una pérdida de memoria, también se conoce como CID-d80b64ff297e. NOTA: terceras partes disputan este asunto porque es una fuga única en el arranque, el tamaño es insignificante, y no se puede disparar a voluntad. • https://bugzilla.suse.com/show_bug.cgi?id=1171736#c3 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d80b64ff297e40c2b6f7d7abc1b3eba70d22a068 https://usn.ubuntu.com/4411-1 https://usn.ubuntu.com/4412-1 https://usn.ubuntu.com/4413-1 https://www.debian.org/security/2020/dsa-4699 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 6.7EPSS: 0%CPEs: 44EXPL: 0

CVE-2020-12770 – kernel: sg_write function lacks an sg_remove_request call in a certain failure case

https://notcve.org/view.php?id=CVE-2020-12770

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función sg_write, carece de una llamada a sg_remove_request en un determinado caso de fallo, también se conoce como CID-83c6f2390040. A vulnerability was found in sg_write in drivers/scsi/sg.c in the SCSI generic (sg) driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid (Sg_fd * sfp) pointer at the time of failure, also possibly causing a kernel internal information leak problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=83c6f2390040f188cc25b270b4befeb5628c1aee https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ES5C6ZCMALBEBMKNNCTBSLLSYGFZG3FF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1

CVE-2020-12771

https://notcve.org/view.php?id=CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función btree_gc_coalesce en el archivo drivers/md/bcache/btree.c, presenta un punto muerto si se produce un fallo de la operación de coalescencia. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lkml.org/lkml/2020/4/26/87 https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4462-1 https: • CWE-667: Improper Locking •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 2

CVE-2019-20794

https://notcve.org/view.php?id=CVE-2019-20794

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion. Se detectó un problema en el kernel de Linux versiones 4.18 hasta 5.6.11, cuando los espacios de nombre de un usuario no privilegiado están permitidos. • http://www.openwall.com/lists/oss-security/2020/08/24/1 https://github.com/sargun/fuse-example https://security.netapp.com/advisory/ntap-20200608-0001 https://sourceforge.net/p/fuse/mailman/message/36598753 • CWE-772: Missing Release of Resource after Effective Lifetime •