Page 541 of 4761 results (0.030 seconds)

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2018-5803 – kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service

https://notcve.org/view.php?id=CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. En el kernel de Linux en versiones anteriores a la 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51 y 3.2.102, un error en la función "_sctp_make_chunk()" (net/sctp/sm_make_chunk.c) al gestionar el tamaño de paquetes SCTP puede explotarse para provocar un cierre inesperado del kernel. An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP, packet length can be exploited by a malicious local user to cause a kernel crash and a DoS. • https://access.redhat.com/errata/RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0641 https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.102 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.51 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25 https://cdn.kernel.org/p • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18208 – kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service

https://notcve.org/view.php?id=CVE-2017-18208

The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. La función madvise_willneed en mm/madvise.c en el kernel de Linux, en versiones anteriores a la 4.14.4, permite que usuarios locales provoquen una denegación de servicio (bucle infinito) desencadenando el uso de MADVISE_WILLNEED para un mapeo DAX. The madvise_willneed function in the Linux kernel allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:3967 https://access.redhat.com/errata/RHSA-2019:4057 https://access.redhat.com/errata/RHSA-2019:4058 https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91 https://usn.u • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18203 – kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service

https://notcve.org/view.php?id=CVE-2017-18203

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices. La función dm_get_from_kobject en drivers/md/dm.c en el kernel de Linux, en versiones anteriores a la 4.14.3, permite que usuarios locales provoquen una denegación de servicio (bug) aprovechando una condición de carrera en __dm_destroy durante la creación y eliminación de dispositivos DM. The Linux kernel, before version 4.14.3, is vulnerable to a denial of service in drivers/md/dm.c:dm_get_from_kobject() which can be caused by local users leveraging a race condition with __dm_destroy() during creation and removal of DM devices. Only privileged local users (with CAP_SYS_ADMIN capability) can directly perform the ioctl operations for dm device creation and removal and this would typically be outside the direct control of the unprivileged attacker. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a41d21dceadf8104812626ef85dc56ee8a60ed http://www.securityfocus.com/bid/103184 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2019:4154 https://github.com/torvalds/linux/commit/b9a41d21dceadf8104812626ef85dc56ee8a60ed https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https: • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-18202 – kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/oom_kill.c

https://notcve.org/view.php?id=CVE-2017-18202

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window. La función __oom_reap_task_mm en mm/oom_kill.c en el kernel de Linux, en versiones anteriores a la 4.14.4, gestiona de manera incorrecta las operaciones de recopilación. Esto permite que los atacantes provoquen una denegación de servicio (filtrado de entrada TLB o uso de memoria previamente liberada) u otro tipo de impacto sin especificar desencadenando una llamada copy_to_user en un periodo de tiempo determinado. The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel, before 4.14.4, mishandles gather operations. This allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=687cb0884a714ff484d038e9190edc874edcf146 http://www.securityfocus.com/bid/103161 https://access.redhat.com/errata/RHSA-2018:2772 https://github.com/torvalds/linux/commit/687cb0884a714ff484d038e9190edc874edcf146 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4 https://access.redhat.com/security/cve/CVE-2017-18202 https://bugzilla.redhat.com/show_bug.cgi?id=1549621 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2018-7492

https://notcve.org/view.php?id=CVE-2018-7492

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. Se ha encontrado una desreferencia de puntero NULL en la función net/rds/rdma.c __rds_rdma_map() en el kernel de Linux, en versiones anteriores a la 4.14.7, que permite que atacantes locales provoquen un error en el sistema y una denegación de servicio (DoS). Esto se relaciona con RDS_GET_MR y RDS_GET_MR_FOR_DEST. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3069c6d33f6ae63a1668737bc78aaaa51bff7ca http://www.securityfocus.com/bid/103185 https://bugzilla.redhat.com/show_bug.cgi?id=1527393 https://github.com/torvalds/linux/commit/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://patchwork.kernel.org/patch/10096441 https://usn.ubuntu.com/3619-1 https://usn.ubuntu.com/3619-2 https://usn.ubuntu.com/3674-1 https • CWE-476: NULL Pointer Dereference •