CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7723
https://notcve.org/view.php?id=CVE-2015-7723
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. AMD fglrx-driver anterior a la versión 15.7 permite a los usuarios locales obtener privilegios a través de un ataque de enlace simbólico. • http://packetstormsecurity.com/files/134121/AMD-fglrx-driver-14.4.2-Privilege-Escalation.html http://seclists.org/fulldisclosure/2015/Oct/104 http://www.securityfocus.com/archive/1/536783/100/0/threaded http://www.securityfocus.com/bid/77357 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7723 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2015-7724
https://notcve.org/view.php?id=CVE-2015-7724
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. AMD fglrx-driver anterior a la versión15.9 permite a los usuarios locales obtener privilegios a través de un ataque de enlace simbólico. NOTA: Esta vulnerabilidad existe debido a una corrección para CVE-2015-7723. • http://packetstormsecurity.com/files/134120/AMD-fglrx-driver-15.7-Privilege-Escalation.html http://seclists.org/fulldisclosure/2015/Oct/103 http://www.securityfocus.com/archive/1/536782/100/0/threaded http://www.securityfocus.com/bid/77361 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7724 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2013-6885 – hw: AMD CPU erratum may cause core hang
https://notcve.org/view.php?id=CVE-2013-6885
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, aka the errata 793 issue. El microcode en AMD 16h 00h hasta procesadores 0Fh no maneja adecuadamente la interación entre instrucciones bloqueadas y tipos de memoria de escritura combinada, lo que permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una aplicación manipulada, también conocido como problema 793. • http://lists.dragonflybsd.org/pipermail/kernel/2011-December/046594.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123553.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124195.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124199.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.opensuse.org/opensuse-security-anno • CWE-399: Resource Management Errors CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3890
https://notcve.org/view.php?id=CVE-2008-3890
The kernel in FreeBSD 6.3 through 7.0 on amd64 platforms can make an extra swapgs call after a General Protection Fault (GPF), which allows local users to gain privileges by triggering a GPF during the kernel's return from (1) an interrupt, (2) a trap, or (3) a system call. El kernel de FreeBSD 6.3 hasta 7.0 en las plataformas de amd64 , puede hacer excesivas llamadas swapgs después de un Fallo General de Protección -General Protection Fault (GPF)-; esto permite a usuarios locales obtener privilegios provocando un Fallo General de Protección durante el regreso del kernel desde (1) una interrupción, (2) un paso del proceso de modo de usuario a modo kernel, o (3) una llamada al sistema. • http://secunia.com/advisories/31743 http://security.freebsd.org/advisories/FreeBSD-SA-08:07.amd64.asc http://www.securityfocus.com/bid/31003 http://www.securitytracker.com/id?1020815 https://exchange.xforce.ibmcloud.com/vulnerabilities/44905 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2008-1615 – kernel: ptrace: Unprivileged crash on x86_64 %cs corruption
https://notcve.org/view.php?id=CVE-2008-1615
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. El kernel de Linux versión 2.6.18 y posiblemente otras versiones, cuando corren bajo arquitecturas AMD64, permite a usuarios locales provocar una denegación de servicio (caída) a través de determinadas llamadas ptrace. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://secunia.com/advisories/30112 http://secunia.com/advisories/30252 http://secunia.com/advisories/30294 http://secunia.com • CWE-399: Resource Management Errors •