CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4568 – Ubuntu Security Notice USN-3161-2
https://notcve.org/view.php?id=CVE-2016-4568
23 May 2016 — drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a crafted number of planes in a VIDIOC_DQBUF ioctl call. drivers/media/v4l2-core/videobuf2-v4l2.c en el kernel de Linux en versiones anteriores a 4.5.3 permite a usuarios locales provocar una denegación de servicio (operación de escritura en la memoria del kernel) o posiblemente tener otro impacto no especifica... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c1f6951a8a82e6de0d82b1158b5e493fc6c54ab • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-4951 – Ubuntu Security Notice USN-3016-4
https://notcve.org/view.php?id=CVE-2016-4951
23 May 2016 — The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation. La función tipc_nl_publ_dump en net/tipc/socket.c en el kernel de Linux hasta la versión 4.6 no verifica la existencia del socket, lo que permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45e093ae2830cd1264677d47ff9a95a71f5d9f9c •
CVSS: 6.2EPSS: 0%CPEs: 21EXPL: 0CVE-2016-4482 – Ubuntu Security Notice USN-3016-4
https://notcve.org/view.php?id=CVE-2016-4482
23 May 2016 — The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call. La función proc_connectinfo en drivers/usb/core/devio.c en el kernel de Linux hasta la versión 4.6 no inicializa una estructura de datos determinada, lo que permite a usuarios locales obtener información sensible del kernel de memoria de pila a tr... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 2CVE-2016-4578 – Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
https://notcve.org/view.php?id=CVE-2016-4578
23 May 2016 — sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. sound/core/timer.c en el kernel de Linux hasta la versión 4.6 no inicializa determinadas estructuras de datos r1, lo que permite a usuarios locales obtener información sensible del kernel de memori... • https://packetstorm.news/files/id/152031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-4565 – kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
https://notcve.org/view.php?id=CVE-2016-4565
23 May 2016 — The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. La memoria de pila InfiniBand (también conocida como IB) en el kernel de Linux en versiones anteriores a 4.5.3 confía incorrectamente en llamadas al sistema de escritura, lo que permite a usuarios locales provocar una denegación de servicio (operación de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2016-4913 – kernel: Information leak when handling NM entries containing NUL
https://notcve.org/view.php?id=CVE-2016-4913
23 May 2016 — The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. La función get_rock_ridge_filename en fs/isofs/rock.c en el kernel de Linux en versiones anteriores a 4.5.5 no maneja correctamente entradas NM (también conocidas como alternate name) que contienen caract... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3713 – Ubuntu Security Notice USN-2979-2
https://notcve.org/view.php?id=CVE-2016-3713
16 May 2016 — The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call. La función msr_mtrr_valid en arch/x86/kvm/mtrr.c en el kernel de Linux en versiones anteriores a 4.6.1 sostiene MSR 0x2f8, lo que permite a usuarios invitados del sistema operativo leer o escribir en la estruc... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9842df62004f366b9fed2423e24df10542ee0dc5 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2016-0758 – kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
https://notcve.org/view.php?id=CVE-2016-0758
12 May 2016 — Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data. Desbordamiento de entero en lib/asn1_decoder.c en el kernel de Linux en versiones anteriores a 4.6 permite a usuarios locales obtener privilegios a través de datos ASN.1 manipulados. A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 c... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0570
https://notcve.org/view.php?id=CVE-2015-0570
09 May 2016 — Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that uses a long WPS IE element. Desbordamiento de buffer basado en pila en la implementación de SET_WPS_IE IOCTL en wlan_hdd_hostapd.c en el controlador WLAN (también conocido como Wi-Fi) para... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0571
https://notcve.org/view.php?id=CVE-2015-0571
09 May 2016 — The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c. El controlador WLAN (también conocido como Wi-Fi) para el kernel de Linux 3.x y 4.x, según se utiliza en Qualcomm Innovation Center (QuIC) Android contributions for MSM... • http://source.android.com/security/bulletin/2016-05-01.html • CWE-862: Missing Authorization •