Page 499 of 2776 results (0.018 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. La implementación SAS (Serial Attached SCSI) en el kernel de Linux, hasta la versión 4.15.9, gestiona de manera incorrecta un mutex en libsas. Esto permite que usuarios locales provoquen una denegación de servicio (deadlock) desencadenando cierto código de gestión de errores. The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0558f33c06bb910e2879e355192227a8e8f0219d http://www.securityfocus.com/bid/103423 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://github.com/torvalds/linux/commit/0558f33c06bb910e2879e355192227a8e8f0219d https://usn.ubuntu.com/4163-1 https://usn.ubuntu.com/4163-2 https://www.debian.org/security/2018/dsa-4187 https://access.redhat.com/security/cve/CVE-2017-18232 • CWE-833: Deadlock •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case. Fuga de memoria en la función hwsim_new_radio_nl en drivers/net/wireless/mac80211_hwsim.c en el kernel de Linux hasta la versión 4.15.9 permite que usuarios locales provoquen una denegación de servicio (consumo de memoria) desencadenando un caso de error fuera de array. The Linux kernel is vulnerable to a memory leak in the drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() function. An attacker could exploit this to cause a potential denial of service. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51 http://www.securityfocus.com/bid/103397 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51 https://usn.ubuntu.com/3676-1 https://usn.ubuntu.com/3676-2 https://usn.ubuntu.com/3677-1 https://usn.ubuntu.com/3677-2 https://usn.ubuntu.com/3678-1 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. En el kernel de Linux, en versiones anteriores a la 4.15, fs/ocfs2/aops.c omite el uso de un semáforo y, por consiguiente, tiene una condición de carrera al acceder al árbol extent durante las operaciones de lectura en modo DIRECT. Esto permite que usuarios locales provoquen una denegación de servicio (bug) modificando cierto campo e_cpos. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f http://www.securityfocus.com/bid/103353 https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f https://www.debian.org/security/2018/dsa-4188 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). La función unimac_mdio_probe en drivers/net/phy/mdio-bcm-unimac.c en el kernel de Linux hasta la versión 4.15.8 no valida la disponibilidad de ciertos recursos. Esto permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5 http://www.securitytracker.com/id/1040749 https://github.com/torvalds/linux/commit/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5 https://usn.ubuntu.com/3619-1 https://usn.ubuntu.com/3619-2 https://usn.ubuntu.com/3630-1 https://usn.ubuntu.com/3630-2 https://usn.ubuntu.com/3632-1 • CWE-476: NULL Pointer Dereference •

CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0

Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. NOTE: a third party has indicated that this report is not security relevant ** EN DISPUTA ** Condición de carrera en la función store_int_with_restart() en arch/x86/kernel/cpu/mcheck/mce.c en el kernel de Linux hasta la versión 4.15.7 permite que los usuarios locales provoquen una denegación de servicio (pánico) aprovechándose del acceso root de escritura en el archivo check_interval en un directorio /sys/devices/system/machinecheck/machinecheck<número de cpu> NOTA: un tercero ha indicado que este informe no es relevante para la seguridad: • http://www.securityfocus.com/bid/103356 https://bugzilla.suse.com/show_bug.cgi?id=1084755 https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b3b7c4795ccab5be71f080774c45bbbcc75c2aaf https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://lkml.org/lkml/2018/3/2/970 https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https://usn.ubuntu.com/3656-1 https://www.debian.org/security/2018/dsa-4187 https://www.debian • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •