Page 536 of 2939 results (0.024 seconds)

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c. La pila TCP en el kernel Linux en versiones anteriores a 4.8.10 maneja incorrectamente el truncamiento skb, lo que permite a usuarios locales provocar una denegación de servicio (caída de sistema) a través de una aplicación manipulada que hace llamadas de sistema sendto, relacionado con net/ipv4/tcp_ipv4.c y net/ipv6/tcp_ipv6.c. It was discovered that the Linux kernel since 3.6-rc1 with 'net.ipv4.tcp_fastopen' set to 1 can hit BUG() statement in tcp_collapse() function after making a number of certain syscalls leading to a possible system crash. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10 http://www.openwall.com/lists/oss-security/2016/11/11/3 http://www.openwall.com/lists/oss-security/2016/11/30/3 http://www.securityfocus.com/bid/94264 http://www.securitytracker.com/id/1037285 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https: • CWE-284: Improper Access Control CWE-617: Reachable Assertion •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call. Vulnerabilidad de liberación doble en la función sg_common_write en drivers/scsi/sg.c en el kernel de Linux en versiones anteriores a 4.4 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria y bloqueo del sistema) desvinculando un dispositivo durante una llamada ioctl SG_IO. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432 http://www.securityfocus.com/bid/94187 https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432 https://source.android.com/security/bulletin/2016-11-01.html • CWE-415: Double Free •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field. La función __ext4_journal_stop en fs / ext4 / ext4_jbd2.c en el kernel de Linux en versiones anteriores a 4.3.3 permite a usuarios locales obtener privilegios o provocar una denegación de servicio al utilizar un acceso incorrecto a un cierto campo de error. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6934da9238da947628be83635e365df41064b09b http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3 http://www.securityfocus.com/bid/94135 https://github.com/torvalds/linux/commit/6934da9238da947628be83635e365df41064b09b https://source.android.com/security/bulletin/2016-11-01.html • CWE-416: Use After Free •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. La función nfnetlink_rcv_batch en net / netfilter / nfnetlink.c en el kernel de Linux en versiones anteriores a 4.5 no comprueba si el campo de longitud de un mensaje por lotes es lo suficientemente grande, lo que permite a los usuarios locales obtener información sensible de la memoria del kernel o provocar una denegación de servicio (bucle infinito o lectura fuera de rango) aprovechando la capacidad de CAP_NET_ADMIN. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241 http://source.android.com/security/bulletin/2016-11-01.html http://www.securityfocus.com/bid/94147 https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call. Condición de carrera en la función get_task_ioprio en block/ioprio.c en el kernel de Linux en versiones anteriores a 4.6.6 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (uso posterior a la llamada) mediante una llamada manipulada al sistema ioprio_get. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4 http://source.android.com/security/bulletin/2016-11-01.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6 http://www.securityfocus.com/bid/94135 https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •