CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0275 – kernel: fs: ext4: fallocate zero range page size > block size BUG()
https://notcve.org/view.php?id=CVE-2015-0275
The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. La función ext4_zero_range en fs/ext4/extents.c en el kernel de Linux en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio (BUG) a través de una petición de rango cero a fallocate manipulada. A flaw was found in the way the Linux kernel's ext4 file system handled the "page size > block size" condition when the fallocate zero range functionality was used. A local attacker could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2af21aae11972fa924374ddcf52e88347cf5a8 http://rhn.redhat.com/errata/RHSA-2015-1778.html http://rhn.redhat.com/errata/RHSA-2015-1787.html http://www.openwall.com/lists/oss-security/2015/02/23/14 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/75139 http://www.securitytracker.com/id/1034454 http://www.spinics.net/lists/linux-ext4/msg47193.html ht • CWE-17: DEPRECATED: Code •
CVSS: 9.0EPSS: 4%CPEs: 1EXPL: 0CVE-2015-4001
https://notcve.org/view.php?id=CVE-2015-4001
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet. Error de signo de enteros en la función oz_hcd_get_desc_cnf en drivers/staging/ozwpan/ozhcd.c en el controlador OZWPAN en el kernel de Linux hasta 4.0.5 permite a atacantes remotos causar una denegación de servicio (caída de sistema) o posiblemente ejecutar código arbitrario a través de un paquete manipulado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://openwall.com/lists/oss-security/2015/06/05/7 http://www.securityfocus.com/bid/74672 http://www.ubuntu.com/usn/USN-2665-1 http://www.ubuntu.com/usn/USN-2667-1 https://github.com/torvalds/linux/commit/b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c • CWE-189: Numeric Errors •
CVSS: 8.5EPSS: 2%CPEs: 4EXPL: 1CVE-2015-4004
https://notcve.org/view.php?id=CVE-2015-4004
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read and system crash) via a crafted packet. El controlador OZWPAN en el kernel de Linux hasta 4.0.5 depende de un campo de longitud no confiable durante el análisis sintáctico de paquetes, lo que permite a atacantes remotos obtener información sensible de la memoria del kernel o causar una denegación de servicio (lectura fuera de rango y caída de sistema) a través de un paquete manipulado. • http://openwall.com/lists/oss-security/2015/06/05/7 http://www.securityfocus.com/bid/74669 http://www.ubuntu.com/usn/USN-2989-1 http://www.ubuntu.com/usn/USN-2998-1 http://www.ubuntu.com/usn/USN-3000-1 http://www.ubuntu.com/usn/USN-3001-1 http://www.ubuntu.com/usn/USN-3002-1 http://www.ubuntu.com/usn/USN-3003-1 http://www.ubuntu.com/usn/USN-3004-1 https://lkml.org/lkml/2015/5/13/739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 1%CPEs: 10EXPL: 0CVE-2015-4002
https://notcve.org/view.php?id=CVE-2015-4002
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions. drivers/staging/ozwpan/ozusbsvc1.c en el controlador OZWPAN en el kernel de Linux hasta 4.0.5 no asegura que ciertas valores de longitud están lo suficientemente grandes, lo que permite a atacantes remotos causar una denegación de servicio (caída de sistema o bucle grande) o posiblemente ejecutar código arbitrario a través de un paquete manipulado, relacionado con las funciones (1) oz_usb_rx y (2) oz_usb_handle_ep_data. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://openwall.com/lists/oss-security/2015/06/05/7 http://www.securityfocus.com/bid/74668 http://www.ubuntu.com/usn/USN-2665-1 http://www.ubuntu.com/usn/USN-2667-1 https://github.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-4003
https://notcve.org/view.php?id=CVE-2015-4003
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via a crafted packet. La función oz_usb_handle_ep_data en drivers/staging/ozwpan/ozusbsvc1.c en el controlador OZWPAN en el kernel de Linux hasta 4.0.5 permite a atacantes remotos causar una denegación de servicio (un error de dividir por cero y caída de sistema) a través de un paquete manipulado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://openwall.com/lists/oss-security/2015/06/05/7 http://www.securityfocus.com/bid/74668 http://www.ubuntu.com/usn/USN-2665-1 http://www.ubuntu.com/usn/USN-2667-1 https://github.com/torvalds/linux/commit/04bf464a5dfd9ade0dda918e44366c2c61fce80b • CWE-189: Numeric Errors •