CVE-2016-8658
https://notcve.org/view.php?id=CVE-2016-8658
Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket. Desbordamiento de búfer basado en pila en la función brcmf_cfg80211_start_ap en drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c en el kernel de Linux en versiones anteriores a 4.7.5 permite a usuarios locales provocar una denegación de servicio (caída de sistema) o tener otro posible impacto no especificado a través de un SSID Information Element largo en un comando a un socket Netlink. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ded89912156b1a47d940a0c954c43afbabd0c42c http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5 http://www.openwall.com/lists/oss-security/2016/10/13/1 http://www.securityfocus.com/bid/93541 http://www.ubuntu.com/usn/USN-3145-1 http://www.ubuntu.com/usn/USN-3145-2 http://www.ubuntu.com/usn/USN-3146-1 http://www.ubuntu.com/usn/USN-3146-2 https://bugzilla.redhat.com/show_b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3288 – kernel: zero page memory arbitrary modification
https://notcve.org/view.php?id=CVE-2015-3288
mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero. mm/memory.c en el kernel de Linux en versiones anteriores a 4.1.4 no maneja adecuadamente páginas anónimas, lo que permite a usuarios locales obtener privilegios o provocar una denegación de servicio (adulteración de página) a través de una aplicación manipulada que desencadena escribir a la página cero. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 http://www.securityfocus.com/bid/93591 https://bugzilla.redhat.com/show_bug.cgi?id=1333830 https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d https://security-tracker.debian.org/tracker/CVE-2015-3288 https://source.android.com/security/bulletin/2017-01-01.html https://access.redhat.com/security& • CWE-20: Improper Input Validation CWE-391: Unchecked Error Condition •
CVE-2015-8952
https://notcve.org/view.php?id=CVE-2015-8952
The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 mishandles xattr block caching, which allows local users to cause a denial of service (soft lockup) via filesystem operations in environments that use many attributes, as demonstrated by Ceph and Samba. La funcionalidad mbcache en las implementaciones del sistema de archivos ext2 y ext4 en el kernel de Linux en versiones anteriores a 4.6 no maneja adecuadamente bloque de almacenamiento en caché xattr, lo que permite a usuarios locales provocar una denegación de servicio (bloqueo débil) a través de operaciones de sistema de archivos en entornos que usan muchos atributos, como se demuestra por Ceph y Samba. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82939d7999dfc1f1998c4b1c12e2f19edbdff272 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=be0726d33cb8f411945884664924bed3cb8c70ee http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f9a61eb4e2471c56a63cd804c7474128138c38ac http://www.openwall.com/lists/oss-security/2016/08/22/2 http://www.openwall.com/lists/oss-security/2016/08/25/4 https://bugzilla.kernel.org/show_bug.cgi?id=10 • CWE-19: Data Processing Errors •
CVE-2016-8666 – kernel: Remotely triggerable recursion in GRE code leading to kernel crash
https://notcve.org/view.php?id=CVE-2016-8666
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039. La pila IP en el kernel de Linux en versiones anteriores a 4.6 permite a atacantes remotos provocar una denegación de servicio (consumo de pila y pánico) o tener otro posible impacto no especificado desencadenando uso de la ruta GRO para paquetes con apilamiento en túnel, como se demuestra por cabeceras IPv4 y cabeceras GRE intercaladas, un problema relacionado con CVE-2016-7039. A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO (Generic Receive Offload) code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption, resulting in a system crash. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971 http://rhn.redhat.com/errata/RHSA-2016-2047.html http://rhn.redhat.com/errata/RHSA-2016-2107.html http://rhn.redhat.com/errata/RHSA-2016-2110.html http://rhn.redhat.com/errata/RHSA-2017-0004.html http://www.openwall.com/lists/oss-security/2016/10/13/11 http://www.securityfocus.com/bid/93562 https://access.redhat.com/errata/RHSA-2017:0372 https://bto.bluec • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVE-2015-8953
https://notcve.org/view.php?id=CVE-2015-8953
fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer. fs/overlayfs/copy_up.c en el kernel de Linux en versiones anteriores a 4.2.6 utiliza una ruta de código de limpieza incorrecta, lo que permite a usuarios locales provocar una denegación de servicio (fuga de referencia dentry) a través de operaciones de sistema de archivos en un archivo grande en una capa overlayfs inferior. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab79efab0a0ba01a74df782eb7fa44b044dae8b5 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.6 http://www.openwall.com/lists/oss-security/2016/08/23/9 http://www.securityfocus.com/bid/92611 https://bugzilla.redhat.com/show_bug.cgi?id=1367814 https://github.com/torvalds/linux/commit/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 • CWE-399: Resource Management Errors •