CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9806 – kernel: netlink: double-free in netlink_dump
https://notcve.org/view.php?id=CVE-2016-9806
28 Dec 2016 — Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated. Condición de carrera en la función netlink_dump en net/netlink/af_netlink.c en el kernel de Linux en versiones anteriores a 4.6.3 permite a usuarios l... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9756 – Ubuntu Security Notice USN-3170-1
https://notcve.org/view.php?id=CVE-2016-9756
28 Dec 2016 — arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. arch/x86/kvm/emulate.c en el kernel de Linux en versiones anteriores a 4.8.12 no inicializa adecuadamente Code Segment (CS) en ciertos casos de error, lo que permite a usuarios locales obtener información sensible del kernel de memoria de pila a través de una aplicación mani... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2117d5398c81554fbf803f5fd1dc55eb78216c0c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-6704
https://notcve.org/view.php?id=CVE-2012-6704
28 Dec 2016 — The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option. La función sock_setsockopt en net/core/sock.c en el kernel de Linux en versiones anteriores a 3.5 no maneja adecuadam... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6213 – kernel: Overflowing kernel mount table using shared bind mount
https://notcve.org/view.php?id=CVE-2016-6213
20 Dec 2016 — fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by a loop that triggers exponential growth in the number of mounts. fs/namespace.c en el kernel de Linux en versiones anteriores a 4.9 no restringe la cantidad de montajes que pueden existir en un espacio de nombre del montaje, lo que permite a usuarios locales pr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d29216842a85c7970c536108e093963f02714498 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8966 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8966
08 Dec 2016 — arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system call. arch/arm/kernel/sys_oabi-compat.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales obtener privilegios a través de un comando (1) F_OFD_GETLK, (2) F_OFD_SETLK o (3) F_OFD_SETLKW manipulado en una llamada de sistema fcntl64. It was discovered that the Linux kernel did not prop... • http://source.android.com/security/bulletin/2016-12-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-9120
https://notcve.org/view.php?id=CVE-2016-9120
08 Dec 2016 — Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time. Condición de carrera en la función ion_ioctl en drivers/staging/android/ion/ion.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación de memoria) llamand... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9590232bb4f4cc824f3425a6e1349afbe6d6d2b7 • CWE-264: Permissions, Privileges, and Access Controls CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8967 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8967
08 Dec 2016 — arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. arch/arm64/kernel/sys.c en el kernel de Linux en versiones anteriores a 4.0 permiten a usuarios locales eludir el mecanismo de protección de "permisos de página estricta" y modificar la tabla de llamadas del sistema, y consecuentemente obtener privilegios, aprovechando el acceso d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9919 – Ubuntu Security Notice USN-3170-2
https://notcve.org/view.php?id=CVE-2016-9919
08 Dec 2016 — The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet. La función icmp6_send en net/ipv6/icmp.c en el kernel de Linux hasta la versión 4.8.12 omite una cierta comprobación de la estructura de datos dst, lo que permite a atacantes remotos provocar una denegación de servicio (pánico) a través de un paquete IPv6 fragmentado. Andrey Konovalov di... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 10CVE-2016-8655 – Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-8655
06 Dec 2016 — Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions. Condición de carrera en net/packet/af_packet.c en el kernel de Linux hasta la versión 4.8.12 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación de memoria) ap... • https://packetstorm.news/files/id/140063 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 10.0EPSS: 43%CPEs: 7EXPL: 0CVE-2016-9555 – kernel: Slab out-of-bounds access in sctp_sf_ootb()
https://notcve.org/view.php?id=CVE-2016-9555
28 Nov 2016 — The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data. La función sctp_sf_ootb en net/sctp/sm_statefuns.c en el kernel Linux en versiones anteriores a 4.8.8 carece de comprobación de longitud de fragmento para el primer fragmento, lo que permite a atacantes remotos provocar una d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6 • CWE-125: Out-of-bounds Read •