Page 504 of 2742 results (0.025 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent. La función mpi_powm en lib/mpi/mpi-pow.c en el kernel Linux hasta la versión 4.8.11 no se asegura que la memoria esté alojada para datos limb, lo que permite a usuarios locales provocar una denegación de servicio (corrupción de memoria de pila y pánico) a través de una llamada de sistema add_key para una llave RSA con un componente cero. A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073 http://seclists.org/fulldisclosure/2016/Nov/76 http://www.openwall.com/lists/oss-security/2016/11/24/8 http://www.securityfocus.com/bid/94532 http://www.securitytracker.com/id/1037968 https://access.redhat.com/errata/RHSA-2017:0931 https://access.redhat.com/errata/RHSA-2017:0932 https://access.redhat.com/errata/RHSA-2017:0933 https://access.redhat.com/errata/RHSA- • CWE-20: Improper Input Validation CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. La función hash_accept en crypto/algif_hash.c en el kernel Linux en versiones anteriores a 4.3.6 permite a usuarios locales provocar una denegación de servicio (OOPS) intentando desencadenar el uso de algoritmos hash in-kernel para un enchufe que ha recibido cero bytes de datos. A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shash_async_export() by attempting to force the in-kernel hashing algorithms into decrypting an empty data set. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4afa5f9617927453ac04b24b584f6c718dfb4f45 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.6 http://www.openwall.com/lists/oss-security/2016/11/15/2 http://www.securityfocus.com/bid/94309 https://access.redhat.com/errata/RHSA-2017:1297 https://access.redhat.com/errata/RHSA-2017:1298 https://access.redhat.com/errata/RHSA-2017:1308 https://bugzilla.redhat.com/show_bug.cgi?id=1388821 https: • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file. drivers/vfio/pci/vfio_pci_intrs.c en el kernel Linux hasta la versión 4.8.11 usa de forma incorrecta la función kzalloc, lo que permite a usuarios locales provocar una denegación de servicio (desbordamiento de entero) o tener otro posible impacto no especificado aprovechando el acceso al archivo de dispositivo vfio PCI. The use of a kzalloc with an integer multiplication allowed an integer overflow condition to be reached in vfio_pci_intrs.c. This combined with CVE-2016-9083 may allow an attacker to craft an attack and use unallocated memory, potentially crashing the machine. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a http://rhn.redhat.com/errata/RHSA-2017-0386.html http://rhn.redhat.com/errata/RHSA-2017-0387.html http://www.openwall.com/lists/oss-security/2016/10/26/11 http://www.securityfocus.com/bid/93930 https://bugzilla.redhat.com/show_bug.cgi?id=1389259 https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a https://patchwork.kernel.org/patch/9373631 https:/&#x • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability. La función tipc_msg_build en net/tipc/msg.c en el kernel Linux hasta la versión 4.8.11 no valida la relación entre la longitud mínima de fragmento y el tamaño máximo de paquete, lo que permite a usuarios locales obtener privilegios o provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica) aprovechando la capacidad CAP_NET_ADMIN. • http://www.openwall.com/lists/oss-security/2016/11/08/5 http://www.securityfocus.com/bid/94211 https://bugzilla.redhat.com/show_bug.cgi?id=1390832 https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity. La implementación offline cgroup en el kernel Linux hasta la versión 4.8.11 maneja incorrectamente ciertas operaciones drain, lo que permite a usuarios locales provocar una denegación de servicio (colgado de sistema) aprovechando el acceso al contenedor de ambiente para ejecutar una aplicación manipulada, como es demostrado por trinity. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93362fa47fe98b62e4a34ab408c4a418432e7939 http://www.debian.org/security/2017/dsa-3791 http://www.openwall.com/lists/oss-security/2016/11/05/4 http://www.securityfocus.com/bid/94129 https://bugzilla.redhat.com/show_bug.cgi?id=1392439 https://github.com/torvalds/linux/commit/93362fa47fe98b62e4a34ab408c4a418432e7939 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03802en_us • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •