Page 529 of 2716 results (0.024 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1093

https://notcve.org/view.php?id=CVE-2018-1093

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers. La función ext4_valid_block_bitmap en fs/ext4/balloc.c en el kernel de Linux hasta la versión 4.15.15 permite que los atacantes provoquen un denegación de servicio (lectura fuera de límites y cierre inesperado del sistema) mediante una imagen ext4 manipulada dado que balloc.c y ialloc.c no validan los números de los bloques de mapa de bits. • http://openwall.com/lists/oss-security/2018/03/29/1 https://bugzilla.kernel.org/show_bug.cgi?id=199181 https://bugzilla.redhat.com/show_bug.cgi?id=1560782 https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=7dac4a1726a9c64a517d595c40e95e2d0d135f6f https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https:// • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

CVE-2018-8822

https://notcve.org/view.php?id=CVE-2018-8822

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code. Manipulación incorrecta de longitud de búfer en la función ncp_read_kernel en fs/ncpfs/ncplib_kernel.c en el kernel de Linux hasta la versión 4.15.11 y en drivers/staging/ncpfs/ncplib_kernel.c en el kernel de Linux 4.16-rc hasta 4.16-rc6 podría ser explotada por servidores NCPFS maliciosos para cerrar inesperadamente el kernel o ejecutar código. • http://www.openwall.com/lists/oss-security/2022/12/27/3 http://www.securityfocus.com/bid/103476 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://usn.ubuntu.com/3653-1 https://usn.ubuntu.com/3653-2 https://usn.ubuntu.com/3654-1 https://usn.ubuntu.com/3654-2 https://usn.ubuntu.com/3655-1 https://usn.ubuntu.com/3655-2 https://usn.ubuntu.com/3656-1 https://usn.ubuntu.com/3657-1 https://www.debian.org/security/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0

CVE-2018-1068 – kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c

https://notcve.org/view.php?id=CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. Se ha encontrado un error en la implementación de la interfaz syscall de 32 bits para puentes de red (bridging) en el kernel de las versiones 4.x de Linux. Esto permitía que un usuario privilegiado escribiese de forma arbitraria en un rango limitado de memoria del kernel. A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. • http://www.securityfocus.com/bid/103459 https://access.redhat.com/errata/RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:4159 https://bugzilla.redhat.com/show_bug.cgi?id=1552048 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18232 – kernel: Mishandling mutex within libsas allowing local Denial of Service

https://notcve.org/view.php?id=CVE-2017-18232

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. La implementación SAS (Serial Attached SCSI) en el kernel de Linux, hasta la versión 4.15.9, gestiona de manera incorrecta un mutex en libsas. Esto permite que usuarios locales provoquen una denegación de servicio (deadlock) desencadenando cierto código de gestión de errores. The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0558f33c06bb910e2879e355192227a8e8f0219d http://www.securityfocus.com/bid/103423 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://github.com/torvalds/linux/commit/0558f33c06bb910e2879e355192227a8e8f0219d https://usn.ubuntu.com/4163-1 https://usn.ubuntu.com/4163-2 https://www.debian.org/security/2018/dsa-4187 https://access.redhat.com/security/cve/CVE-2017-18232 • CWE-833: Deadlock •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-8087 – kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service

https://notcve.org/view.php?id=CVE-2018-8087

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case. Fuga de memoria en la función hwsim_new_radio_nl en drivers/net/wireless/mac80211_hwsim.c en el kernel de Linux hasta la versión 4.15.9 permite que usuarios locales provoquen una denegación de servicio (consumo de memoria) desencadenando un caso de error fuera de array. The Linux kernel is vulnerable to a memory leak in the drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() function. An attacker could exploit this to cause a potential denial of service. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ddcff49b672239dda94d70d0fcf50317a9f4b51 http://www.securityfocus.com/bid/103397 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://github.com/torvalds/linux/commit/0ddcff49b672239dda94d70d0fcf50317a9f4b51 https://usn.ubuntu.com/3676-1 https://usn.ubuntu.com/3676-2 https://usn.ubuntu.com/3677-1 https://usn.ubuntu.com/3677-2 https://usn.ubuntu.com/3678-1 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •