CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 1CVE-2014-6410 – kernel: udf: Avoid infinite loop when processing indirect ICBs
https://notcve.org/view.php?id=CVE-2014-6410
28 Sep 2014 — The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UDF filesystem with a crafted inode. La función __udf_read_inode en fs/udf/inode.c en el kernel de Linux hasta 3.16.3 no restringe la cantidad de indirección ICB, lo que permite a atacantes físicamente próximos causar una denegación de servicio (bucle infinito o c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c03aa9f6e1f938618e6db2e23afef0574efeeb65 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3183
https://notcve.org/view.php?id=CVE-2014-3183
28 Sep 2014 — Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. Desbordamiento de buffer basado en memoria dinámica en la función logi_dj_ll_raw_request en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físic... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51217e69697fba92a06e07e16f55c9a52d8e8945 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3182 – Kernel: HID: logitech-dj OOB array access
https://notcve.org/view.php?id=CVE-2014-3182
28 Sep 2014 — Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value. Error en el indice del arry en la función logi_dj_raw_event en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físicamente próximos ejecutar código arbitr... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad3e14d7c5268c2e24477c6ef54bbdf88add5d36 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3181 – Kernel: HID: OOB write in magicmouse driver
https://notcve.org/view.php?id=CVE-2014-3181
28 Sep 2014 — Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event. Múltiples desbordamientos de buffer basado en pila en la función magicmouse_raw_event en drivers/hid/hid-magicmouse.c e... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c54def7bd64d7c0b6993336abcffb8444795bf38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2012-6657 – Kernel: net: guard tcp_set_keepalive against crash
https://notcve.org/view.php?id=CVE-2012-6657
28 Sep 2014 — The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. La función sock_setsockopt en net/core/sock.c en el kernel de Linux anterior a 3.5.7 no asegura que una acción keepalive está asociada con un socket de flujo, lo que permite a usuarios locales causar una denegación de servicio (caída de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3e10986d1d698140747fcfc2761ec9cb64c1d582 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2014-0205 – kernel: futex: refcount issue in case of requeue
https://notcve.org/view.php?id=CVE-2014-0205
11 Sep 2014 — The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count. La función futex_wait en kernel/futex.c en el kernel de Linux anterior a 2.6.37 no mantiene debidamente cierta cuenta de referencias durante las operaciones de rehacer colas, lo que perm... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ada876a8703f23befbb20a7465a702ee39b1704 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 20EXPL: 2CVE-2014-3535 – Kernel: netdevice.h: NULL pointer dereference over VxLAN
https://notcve.org/view.php?id=CVE-2014-3535
11 Sep 2014 — include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface. include/linux/netdevice.h en el kernel de Linux anterior a 2.6.36 utiliza incorrectamente los macros para netdev_printk y su implementación de registro relacionada, lo que permite a atacantes remotos causar una denegac... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=256df2f3879efdb2e9808bdb1b54b16fbb11fa38 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2014-5472 – kernel: isofs: unbound recursion when processing relocated directories
https://notcve.org/view.php?id=CVE-2014-5472
01 Sep 2014 — The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 image with a self-referential CL entry. La función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux hasta 3.16.1 permite a usuarios locales causar una denegación de servicio (un proceso de montaje imparable) a través de un imagen iso9660 manipulado con una entrada CL de auto referencia. It w... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2014-3601 – kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()
https://notcve.org/view.php?id=CVE-2014-3601
01 Sep 2014 — The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. La función kvm_iommu_map_pages en virt/kvm/iommu.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7 • CWE-189: Numeric Errors •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2014-5471 – kernel: isofs: unbound recursion when processing relocated directories
https://notcve.org/view.php?id=CVE-2014-5471
01 Sep 2014 — Stack consumption vulnerability in the parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (uncontrolled recursion, and system crash or reboot) via a crafted iso9660 image with a CL entry referring to a directory entry that has a CL entry. Vulnerabilidad de consumo de pila en la función parse_rock_ridge_inode_internal en fs/isofs/rock.c en el kernel de Linux hasta 3.16.1 permite a usuarios locales causar una denegació... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=410dd3cf4c9b36f27ed4542ee18b1af5e68645a4 • CWE-399: Resource Management Errors •