Page 550 of 2844 results (0.020 seconds)

CVSS: 4.9EPSS: 0%CPEs: 204EXPL: 0

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite. La función do_double_fault en arch/x86/kernel/traps.c en el kernel de Linux hasta 3.17.4 no maneja debidamente los fallos asociados con el registro de segmentos Stack Segment (SS), lo que permite a usuarios locales causar una denegación de servicio (pánico) a través de una llamada al sistema modify_ldt, tal y como fue demostrado por sigreturn_32 en el suite de pruebas 'linux-clock-tests'. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f442be2fb22be02cafa606f1769fa1e6f894441 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://secunia.com/advisories/62336 http://www.debian.org/security/2014/dsa-3093 http://www.openwall.com/lists/oss-security/2014/11/26/5 https:// • CWE-17: DEPRECATED: Code •

CVSS: 4.6EPSS: 0%CPEs: 204EXPL: 1

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the entry for the other category, aka a "negative groups" issue, related to kernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c. El kernel de Linux hasta 3.17.4 no restringe debidamente la colocación de afiliaciones a grupos suplementarios en ciertos escenarios de espacios para nombres, lo que permite a usuarios locales evadir los permisos de ficheros mediante el aprovechamiento de un POSIX ACL que contiene una entrada para la categoría de grupo que está más restrictiva que la entrada para la otra categoría, también conocido como un problema de 'grupos negativos', relacionado con kernel/groups.c, kernel/uid16.c, y kernel/user_namespace.c. • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147864.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147973.html http://thread.gmane.org/gmane.linux.man/7385 http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 http://www.openwall.com/lists/oss-security/2014/11/20/4 http://www.securityfocus.com/bid/71154 http://www.ubuntu.com/usn/USN-2515-1 http://www.ubuntu.com/usn/USN-2516-1 http://www.ubuntu.com/usn/US • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.1EPSS: 0%CPEs: 204EXPL: 0

Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. Desbordamiento de buffer basado en pila en la función ttusbdecfe_dvbs_diseqc_send_master_cmd en drivers/media/usb/ttusb-dec/ttusbdecfe.c en el kernel de Linux anterior a 3.17.4 permite a usuarios locales causar una denegación de servicio (caída del sistema) o posiblemente ganar privilegios a través de una longitud de mensaje grande en una llamada ioctl. A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2e323ec96077642d397bb1c355def536d489d16 http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-0782.html http://rhn.redhat.com/errata/RHSA-2015-0864.html http://secunia.com/advisories/62305 http://www.debian.org/security/2014/dsa-3093 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/14/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. La función __clear_user en arch/arm64/lib/clear_user.S en el kernel de Linux anterior a 3.17.4 en la plataforma ARM64 permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la lectura de un byte más allá del límite de página /dev/zero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97fc15436b36ee3956efad83e22a557991f7d19d http://secunia.com/advisories/62305 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/13/5 http://www.securityfocus.com/bid/71082 https://bugzilla.redhat.com/show_bug.cgi?id=1163744 https://github.com/torvalds/linux/commit/97fc15436b36ee3956efad83e22a557991f7d19d • CWE-17: DEPRECATED: Code •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. La función ieee80211_fragment en net/mac80211/tx.c en el kernel de Linux anterior a 3.13.5 no mantiene debidamente cierto puntero de cola, lo que permite a atacantes remotos obtener información sensible en texto plano mediante la lectura de paquetes. An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338f977f4eb441e69bb9a46eaa0ac715c931a67f http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-1272.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeL • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •