CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3182 – Kernel: HID: logitech-dj OOB array access
https://notcve.org/view.php?id=CVE-2014-3182
28 Sep 2014 — Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value. Error en el indice del arry en la función logi_dj_raw_event en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físicamente próximos ejecutar código arbitr... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3183
https://notcve.org/view.php?id=CVE-2014-3183
28 Sep 2014 — Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. Desbordamiento de buffer basado en memoria dinámica en la función logi_dj_ll_raw_request en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físic... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51217e69697fba92a06e07e16f55c9a52d8e8945 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3184 – Kernel: HID: off by one error in various _report_fixup routines
https://notcve.org/view.php?id=CVE-2014-3184
28 Sep 2014 — The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. Las funciones report_fixup en el subsistema HID en el kernel de Linux anterior a ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ab25786c87eb20857bbb715c3ae34ec8fd6a214 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3185 – Kernel: USB serial: memory corruption flaw
https://notcve.org/view.php?id=CVE-2014-3185
28 Sep 2014 — Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. Múltiples desbordamientos de buffer en la función command_port_read_callback en drivers/usb/serial/... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6817ae225cd650fb1c3295d769298c38b1eba818 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3186 – Kernel: HID: memory corruption via OOB write
https://notcve.org/view.php?id=CVE-2014-3186
28 Sep 2014 — Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. Desbordamiento de buffer en la función picolcd_raw_event en devices/hid/hid-picolcd_core.c en el controlador de dispositivos PicoLCD HID en el kernel de Li... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=844817e47eef14141cf59b8d5ac08dd11c0a9189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2012-6657 – Kernel: net: guard tcp_set_keepalive against crash
https://notcve.org/view.php?id=CVE-2012-6657
28 Sep 2014 — The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. La función sock_setsockopt en net/core/sock.c en el kernel de Linux anterior a 3.5.7 no asegura que una acción keepalive está asociada con un socket de flujo, lo que permite a usuarios locales causar una denegación de servicio (caída de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e10986d1d698140747fcfc2761ec9cb64c1d582 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-7145 – Kernel: cifs: NULL pointer dereference in SMB2_tcon
https://notcve.org/view.php?id=CVE-2014-7145
28 Sep 2014 — The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. La función SMB2_tcon en fs/cifs/smb2pdu.c en el kernel de Linux anterior a 3.16.3 permite a servidores remotos CIFS causar una denegación de servicio (referencia a puntero nulo y caída del sistema cliente) o posiblemente t... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 1CVE-2014-6410 – kernel: udf: Avoid infinite loop when processing indirect ICBs
https://notcve.org/view.php?id=CVE-2014-6410
28 Sep 2014 — The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. La función __udf_read_inode en fs/udf/inode.c en el kernel de Linux hasta 3.16.3 no restringe la cantidad de indirección ICB, lo que permite a atacantes físicamente próximos causar una denegación de servicio (bucle infinito o c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c03aa9f6e1f938618e6db2e23afef0574efeeb65 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 2%CPEs: 8EXPL: 3CVE-2014-6416
https://notcve.org/view.php?id=CVE-2014-6416
28 Sep 2014 — Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. Desbordamiento de buffer en net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y panic) o posiblemente tener otro impacto no especificado a través de ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 1CVE-2014-6417
https://notcve.org/view.php?id=CVE-2014-6417
28 Sep 2014 — net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no considera debidamente la posibilidad de fallos de kmalloc, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-399: Resource Management Errors •