CVE-2016-6327 – kernel: infiniband: Kernel crash by sending ABORT_TASK command
https://notcve.org/view.php?id=CVE-2016-6327
drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an ABORT_TASK command to abort a device write operation.
Systems using the infiniband support module ib_srpt were vulnerable to a denial of service by system crash, triggered by a local attacker who is able to abort writes to a device using this initiator.
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51093254bf879bc9ce96590400a87897c7498463
http://rhn.redhat.com/errata/RHSA-2016-2574.html
http://rhn.redhat.com/errata/RHSA-2016-2584.html
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1
http://www.openwall.com/lists/oss-security/2016/08/19/5
http://www.securityfocus.com/bid/92549
https://bugzilla.redhat.com/show_bug.cgi?id=1354525
https://github.com/torvalds/linux/commit/51093254bf879bc9c
CWE-476: NULL Pointer Dereference
CVE-2015-8952
https://notcve.org/view.php?id=CVE-2015-8952
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba.
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac
http://www.openwall.com/lists/oss-security/2016/08/22/2
http://www.openwall.com/lists/oss-security/2016/08/25/4
https://bugzilla.kernel.org/show_bug.cgi?id=10
CWE-19: Data Processing Errors
CVE-2016-8666 – kernel: Remotely triggerable recursion in GRE code leading to kernel crash
https://notcve.org/view.php?id=CVE-2016-8666
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.
A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO (Generic Receive Offload) code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption, resulting in a system crash.
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971
http://rhn.redhat.com/errata/RHSA-2016-2047.html
http://rhn.redhat.com/errata/RHSA-2016-2107.html
http://rhn.redhat.com/errata/RHSA-2016-2110.html
http://rhn.redhat.com/errata/RHSA-2017-0004.html
http://www.openwall.com/lists/oss-security/2016/10/13/11
http://www.securityfocus.com/bid/93562
https://access.redhat.com/errata/RHSA-2017:0372
https://bto.bluec
CWE-400: Uncontrolled Resource Consumption
CWE-674: Uncontrolled Recursion
CVE-2015-8955
https://notcve.org/view.php?id=CVE-2015-8955
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
References:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071
http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93314
https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071
CWE-264: Permissions, Privileges, and Access Controls
CVE-2015-0572
https://notcve.org/view.php?id=CVE-2015-0572
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.
References:
http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93312
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61
https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b
https://www.codeaurora.org/race-condition-leading-arbitrary-null-write-adsp-using-ioctl-compatfastrpcioctlinvokefd-cve-2015
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')