CVSS: 7.5EPSS: 3%CPEs: 15EXPL: 2CVE-2014-7284
https://notcve.org/view.php?id=CVE-2014-7284
13 Oct 2014 — The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by leveraging the predictability of TCP sequence numbers, TCP and UDP port numbers, and IP ID values. La implementación net_get_random_once en net/core/utils.c en el kernel de Linux 3.13.x y 3.14.x anterior a 3.14.5... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d4405226d27b3a215e4d03cfa51f536244e5de7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2014-7283 – kernel: xfs: directory hash ordering denial of service
https://notcve.org/view.php?id=CVE-2014-7283
13 Oct 2014 — The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have hash collisions, as demonstrated by rmdir operations. La función xfs_da3_fixhashpath en fs/xfs/xfs_da_btree.c en la implementación xfs en el kernel de Linux anterior a 3.14.2 no compara debidamente los valores de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c88547a8119e3b581318ab65e9b72f27f23e641d • CWE-399: Resource Management Errors •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3186 – Kernel: HID: memory corruption via OOB write
https://notcve.org/view.php?id=CVE-2014-3186
28 Sep 2014 — Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. Desbordamiento de buffer en la función picolcd_raw_event en devices/hid/hid-picolcd_core.c en el controlador de dispositivos PicoLCD HID en el kernel de Li... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=844817e47eef14141cf59b8d5ac08dd11c0a9189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3184 – Kernel: HID: off by one error in various _report_fixup routines
https://notcve.org/view.php?id=CVE-2014-3184
28 Sep 2014 — The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c. Las funciones report_fixup en el subsistema HID en el kernel de Linux anterior a ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ab25786c87eb20857bbb715c3ae34ec8fd6a214 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 5CVE-2014-3631 – Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)
https://notcve.org/view.php?id=CVE-2014-3631
28 Sep 2014 — The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation. La función assoc_array_gc en la implementación associative-array en lib/assoc_array.c en el kernel de Linux anterior a... • https://packetstorm.news/files/id/130591 •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 1CVE-2014-6417 – Ubuntu Security Notice USN-2379-1
https://notcve.org/view.php?id=CVE-2014-6417
28 Sep 2014 — net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a long unencrypted auth ticket. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no considera debidamente la posibilidad de fallos de kmalloc, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2014-7145 – Kernel: cifs: NULL pointer dereference in SMB2_tcon
https://notcve.org/view.php?id=CVE-2014-7145
28 Sep 2014 — The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. La función SMB2_tcon en fs/cifs/smb2pdu.c en el kernel de Linux anterior a 3.16.3 permite a servidores remotos CIFS causar una denegación de servicio (referencia a puntero nulo y caída del sistema cliente) o posiblemente t... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 2%CPEs: 8EXPL: 3CVE-2014-6416 – Ubuntu Security Notice USN-2379-1
https://notcve.org/view.php?id=CVE-2014-6416
28 Sep 2014 — Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket. Desbordamiento de buffer en net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y panic) o posiblemente tener otro impacto no especificado a través de ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3185 – Kernel: USB serial: memory corruption flaw
https://notcve.org/view.php?id=CVE-2014-3185
28 Sep 2014 — Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. Múltiples desbordamientos de buffer en la función command_port_read_callback en drivers/usb/serial/... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6817ae225cd650fb1c3295d769298c38b1eba818 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 8EXPL: 3CVE-2014-6418 – Ubuntu Security Notice USN-2379-1
https://notcve.org/view.php?id=CVE-2014-6418
28 Sep 2014 — net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no valida debidamente las respuestas de autor válidas, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posib... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 • CWE-399: Resource Management Errors •