CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-7477 – kernel: net: Heap overflow in skb_to_sgvec in macsec.c
https://notcve.org/view.php?id=CVE-2017-7477
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function. Un desbordamiento de buffer basado en memoria dinámica en drivers/net/macsec.c del módulo MACsec en el kernel del Linux hasta la versión 4.10.12, permitiría a los atacantes causar una denegación de servicio u otro tipo de impacto no especificado al aprovechar el uso de la propiedad MAX_SKB_FRAGS+1 junto con la propiedad NETIF_F_FRAGLIST, provocando un error en la función skb_to_sgvec. A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature are both used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. • http://www.securityfocus.com/bid/98014 http://www.securitytracker.com/id/1038500 https://access.redhat.com/errata/RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1616 https://bugzilla.redhat.com/show_bug.cgi?id=1445207 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5294b83086cc1c35b4efeca03644cf9d12282e5b https://access.redhat.com/security/cve • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2010-5321
https://notcve.org/view.php?id=CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf. La pérdida de memoria en drivers/media/video/videobuf-core.c en el subsistema videobuf en el kernel de Linux 2.6.x hasta la versión 4.x permite a usuarios locales causar una denegación de servicio (consumo de memoria) aprovechando el acceso /dev/video para una serie de llamadas mmap que requieren nuevas asignaciones, una vulnerabilidad diferente a CVE-2007-6761. NOTA: a partir de 18-06-2016, esto afecta sólo a 11 controladores que no se han actualizado para utilizar videobuf2 en lugar de videobuf. • http://linuxtv.org/irc/v4l/index.php?date=2010-07-29 http://www.openwall.com/lists/oss-security/2015/02/08/4 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340 https://bugzilla.kernel.org/show_bug.cgi?id=120571 https://bugzilla.redhat.com/show_bug.cgi?id=620629 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-8070
https://notcve.org/view.php?id=CVE-2017-8070
drivers/net/usb/catc.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/net/usb/catc.c en el kernel de Linux 4.9.x en versiones anteriores a 4.9.11 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema o corrupción de memoria) o posiblemente tiene otro impacto no especificado aprovechando el uso de más de una página virtual para la lista de dispersión DMA. • http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11 http://www.openwall.com/lists/oss-security/2017/04/16/4 http://www.securityfocus.com/bid/98011 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478 https://github.com/torvalds/linux/commit/2d6a0e9de03ee658a9adc3bfb2f0ca55dff1e478 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8062
https://notcve.org/view.php?id=CVE-2017-8062
drivers/media/usb/dvb-usb/dw2102.c in the Linux kernel 4.9.x and 4.10.x before 4.10.4 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/media/usb/dvb-usb/dw2102.c en el kernel de Linux 4.9.x y 4.10.x en versiones anteriores a 4.10.4 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema o corrupción de memoria) o posiblemente tiene otro impacto no especificado aprovechando el uso de más de una página virtual para la lista de dispersión DMA. • http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4 http://www.openwall.com/lists/oss-security/2017/04/16/4 http://www.securityfocus.com/bid/97973 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=606142af57dad981b78707234cfbd15f9f7b7125 https://github.com/torvalds/linux/commit/606142af57dad981b78707234cfbd15f9f7b7125 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-8068
https://notcve.org/view.php?id=CVE-2017-8068
drivers/net/usb/pegasus.c in the Linux kernel 4.9.x before 4.9.11 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist. drivers/net/usb/pegasus.c en el kernel de Linux 4.9.x en versiones anteriores a 4.9.11 interactúa incorrectamente con la opción CONFIG_VMAP_STACK, que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema o corrupción de memoria) o posiblemente tiene otro impacto no especificado aprovechando el uso de más de una página virtual para la lista de dispersión DMA. • http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11 http://www.openwall.com/lists/oss-security/2017/04/16/4 http://www.securityfocus.com/bid/98000 http://www.securityfocus.com/bid/98008 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5593523f968bc86d42a035c6df47d5e0979b5ace https://github.com/torvalds/linux/commit/5593523f968bc86d42a035c6df47d5e0979b5ace • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •