CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5340
https://notcve.org/view.php?id=CVE-2016-5340
07 Aug 2016 — The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name. La función is_ashmem_file en drivers/staging/android/ashmem.c en un cierto parche Qualcomm Innovation Center (QuIC) Android para el kernel de Linux 3.x no maneja adecuadamente validac... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2064
https://notcve.org/view.php?id=CVE-2016-2064
07 Aug 2016 — sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands. sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c en el controlador de audio MSM QDSP6 para el kernel de Linux 3.x, como se... • http://www.securityfocus.com/bid/92375 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-0568
https://notcve.org/view.php?id=CVE-2015-0568
07 Aug 2016 — Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. Vulnerabilidad de uso después de liberación de memoria en la función msm_set_crop en drivers/media/video/msm/msm_camera.c e... • https://github.com/betalphafai/CVE-2015-0568 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9410
https://notcve.org/view.php?id=CVE-2014-9410
07 Aug 2016 — The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate a certain id value, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. La función vfe31_proc_general en drivers/media/video/msm/vfe/msm_vfe31.c en el controlador MSM-VFE31 pa... • https://www.codeaurora.org/security-advisory/multiple-issues-in-camera-drivers-cve-2014-9410-cve-2015-0568 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5400 – Ubuntu Security Notice USN-3070-1
https://notcve.org/view.php?id=CVE-2016-5400
06 Aug 2016 — Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations. Pérdida de memoria en la función airspy_probe en drivers/media/usb/airspy/airspy.c en el controlador USB airspy en el kernel de Linux en versiones anteriores a 4.7 permite ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6162
https://notcve.org/view.php?id=CVE-2016-6162
06 Aug 2016 — net/core/skbuff.c in the Linux kernel 4.7-rc6 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via certain IPv6 socket operations. net/core/skbuff.c en el kernel de Linux 4.7-rc6 permite a usuarios locales provocar una denegación de servicio (pánico) o posiblemente tener otro impacto no especificado a través de ciertas operaciones socket IPv6. • http://www.openwall.com/lists/oss-security/2016/07/05/8 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2016-6187 – Linux Kernel < 4.5.1 - Off-By-One (PoC)
https://notcve.org/view.php?id=CVE-2016-6187
06 Aug 2016 — The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook. La función apparmor_setprocattr en security/apparmor/lsm.c en el kernel de Linux en versiones anteriores a 4.6.5 no valida el tamaño de búfer, lo que permite a usuarios locales obtener privilegios desencadenando un gancho AppArmor setprocattr. • https://www.exploit-db.com/exploits/44301 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6197 – kernel: overlayfs: missing upper dentry verification before unlink and rename
https://notcve.org/view.php?id=CVE-2016-6197
06 Aug 2016 — fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink. fs/overlayfs/dir.c en la implementación del sistema de archivos OverlayFS en el kernel de Linux en versiones anteriores a 4.6 no verifica adecuadamente la dentry superior antes de proced... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185 • CWE-20: Improper Input Validation CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 5CVE-2016-5696 – kernel: challenge ACK counter information disclosure.
https://notcve.org/view.php?id=CVE-2016-5696
06 Aug 2016 — net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. net/ipv4/tcp_input.c en el kernel de Linux en versiones anteriores a 4.7 no determina adecuadamente la tasa de segmentos de desafío ACK, lo que facilita a atacantes remotos secuestrar sesiones TCP a través de un ataque ciego en ventana. It was found that the RFC 5961 challenge ACK rate limiting as i... • https://github.com/Gnoxter/mountain_goat • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2016-3841 – kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.
https://notcve.org/view.php?id=CVE-2016-3841
06 Aug 2016 — The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. La pila IPv6 en el kernel de Linux en versiones anteriores a 4.3.3 no maneja adecuadamente datos de las opciones, lo que permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso después de liberación y caída de sistema) a través de una llamada al sistema sendmsg m... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39 • CWE-264: Permissions, Privileges, and Access Controls CWE-416: Use After Free CWE-667: Improper Locking •