CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9644 – Ubuntu Security Notice USN-3161-4
https://notcve.org/view.php?id=CVE-2016-9644
28 Nov 2016 — The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels. El macro __get_user_asm_ex en arch/x86/include/asm/uaccess.h en el kernel Linux 4.4.22 hasta la versión 4.4.28 contiene d... • http://www.openwall.com/lists/oss-security/2016/11/07/4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9084 – kernel: Integer overflow when using kzalloc in vfio driver
https://notcve.org/view.php?id=CVE-2016-9084
28 Nov 2016 — drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file. drivers/vfio/pci/vfio_pci_intrs.c en el kernel Linux hasta la versión 4.8.11 usa de forma incorrecta la función kzalloc, lo que permite a usuarios locales provocar una denegación de servicio (desbordamiento de entero) o tener otro posible impacto no especific... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8646 – kernel: Oops in shash_async_export()
https://notcve.org/view.php?id=CVE-2016-8646
28 Nov 2016 — The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. La función hash_accept en crypto/algif_hash.c en el kernel Linux en versiones anteriores a 4.3.6 permite a usuarios locales provocar una denegación de servicio (OOPS) intentando desencadenar el uso de algoritmos hash in-kernel para un enchufe que ha recibido cero byt... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4afa5f9617927453ac04b24b584f6c718dfb4f45 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8964 – Ubuntu Security Notice USN-3161-2
https://notcve.org/view.php?id=CVE-2015-8964
16 Nov 2016 — The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure. La función tty_set_termios_ldisc en drivers/tty/tty_ldisc.c enel kernel de Linux en versiones anteriores a 4.5 permite a los usuarios locales obtener información sensible de la memoria del kernel mediante la lectura de una estructura de datos tty. It was discovered that the Linux kernel did not properly initialize ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7914 – kernel: assoc_array: don't call compare_object() on a node
https://notcve.org/view.php?id=CVE-2016-7914
16 Nov 2016 — The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite. La función assoc_array_insert_into_terminal_node en lib/assoc_array.c en el kernel de Linux en versi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2 • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 2CVE-2016-7910 – kernel: Use after free in seq file
https://notcve.org/view.php?id=CVE-2016-7910
16 Nov 2016 — Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed. Vulnerabilidad de uso después de liberación de memoria en la función disk_seqf_stop en block/genhd.c en el kernel de Linux en versiones anteriores a 4.7.1 permite a usuarios locales obtener privilegios aprovechando la ejecución de una cierta operación de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84 • CWE-416: Use After Free •
CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8963 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8963
16 Nov 2016 — Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation. Condición de carrera en la funcionalidad kernel/events/core.c en el kernel de Linux en versiones anteriores a 4.4 permite a los usuarios locales obtener privilegios o provocar una denegación de servicio al utilizar un manejo incorrecto de una estructura de datos de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=12ca6ad2e3a896256f086497a7c7406a547ee373 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7915 – kernel: HID: core: prevent out-of-bound readings
https://notcve.org/view.php?id=CVE-2016-7915
16 Nov 2016 — The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver. La función hid_input_field en drivers/hid/hid-core.c en el kernel de Linux en versiones anteriores a 4.6 Permite que atacantes físicamente próximos obtengan información sensible de la memoria del núcleo o causen una dene... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=50220dead1650609206efe91f0cc116132d59b3f • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-7913 – kernel: media: use-after-free in [tuner-xc2028] media driver
https://notcve.org/view.php?id=CVE-2016-7913
16 Nov 2016 — The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. La función xc2028_set_config en drivers/media/tuners/tuner-xc2028.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación de memoria) ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-8962 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8962
16 Nov 2016 — Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call. Vulnerabilidad de liberación doble en la función sg_common_write en drivers/scsi/sg.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432 • CWE-415: Double Free •