Page 509 of 2891 results (0.022 seconds)

CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32872662. • http://www.securityfocus.com/bid/96047 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html https://www.codeaurora.org/possible-integer-overflow-buffer-overflow-qcanl80211vendorsubcmdextscansetsignificantchange-cve-2017 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call. La función aio_mount en fs/aio.c en el kernel de Linux en versiones anteriores a 4.7.7 no restringe adecuadamente el acceso de ejecución, lo que facilita a usuarios locales eludir restricciones de política destinadas SELinux W^X, y consecuentemente obtener privilegios, a través de una llamada de sistema io_setup. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=22f6b4d34fcf039c63a94e7670e0da24f8575a5a http://source.android.com/security/bulletin/2017-02-01.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7 http://www.securityfocus.com/bid/96122 http://www.securitytracker.com/id/1037798 https://github.com/torvalds/linux/commit/22f6b4d34fcf039c63a94e7670e0da24f8575a5a • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097. La función simple_set_acl en fs/posix_acl.c en el kernel de Linux en versiones anteriores a 4.9.6 preserva el bit setgid durante una llamada setxattr que implica un sistema de archivos tmpfs, lo que permite a usuarios locales obtener privilegios de grupo aprovechando la existencia de un programa setgid con restricciones sobre los permisos de ejecución. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2016-7097. A vulnerability was found in the Linux kernel in 'tmpfs' file system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31 http://www.debian.org/security/2017/dsa-3791 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6 http://www.openwall.com/lists/oss-security/2017/01/21/3 http://www.securityfocus.com/bid/95717 http://www.securitytracker.com/id/1038053 https://bugzilla.redhat.com/show_bug.cgi?id=1416126 https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31 • CWE-287: Improper Authentication •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references. La función nested_vmx_check_vmptr en arch/x86/kvm/vmx.c en el kernel de Linux hasta la versión 4.9.8 emula indebidamente la instrucción VMXON, lo que permite a usuarios del SO invitado KVM L1 provocar una denegación de servicio (consumo de memoria del SO anfitrión) aprovechando el manejo incorrecto de referencia de páginas. Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS. • http://www.debian.org/security/2017/dsa-3791 http://www.openwall.com/lists/oss-security/2017/01/31/4 http://www.securityfocus.com/bid/95878 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://bugzilla.redhat.com/show_bug.cgi?id=1417812 https://access.redhat.com/security/cve/CVE-2017-2596 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log. La función klsi_105_get_line_state en drivers/usb/serial/kl5kusb105.c en el kernel de Linux en versiones anteriores a 4.9.5 coloca los contenidos de memoria de pila no inicializados en una entrada de registro sobre un fallo para leer el estado de la línea, lo que permite a usuarios locales obtener información sensible leyendo el registro. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410 http://www.debian.org/security/2017/dsa-3791 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 http://www.openwall.com/lists/oss-security/2017/01/21/3 http://www.securityfocus.com/bid/95715 https://bugzilla.redhat.com/show_bug.cgi?id=1416114 https://github.com/torvalds/linux/commit/146cc8a17a3b4996f6805ee5c080e7101277c410 https://usn.ubuntu.com/3754-1 • CWE-532: Insertion of Sensitive Information into Log File •