Page 556 of 2939 results (0.031 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call. La función collect_mounts en fs/namespace.c en el kernel de Linux en versiones anteriores a 4.0.5 no considera correctamente que se pueda ejecutar después de que una ruta sea desmontada, lo que permite a usuarios locales provocar una denegación de servicio (caída de sistema) aprovechando acceso root al espacio de nombres de usuario para una llamada de sistema MNT_DETACH umount2. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae http://openwall.com/lists/oss-security/2015/05/29/10 http://openwall.com/lists/oss-security/2015/05/29/5 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5 http://www.openwall.com/lists/oss-security/2015/06/04/5 https://bugzilla.redhat.com/show_bug.cgi?id=1248486 https://github.com/torvalds/linux/commit/cd4a40174b71acd021877341684d8bb1dc8ea4ae •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program. El subsistema VFS en el kernel de Linux 3.x provee un conjunto incompleto de requerimientos para operaciones setattr que subespecifica eliminando atributos de extensión de privilegios, lo que permite a usuarios locales provocar una denegación de servicio (desprovisión de capacidad) a través de una invocación fallida of a system call, según lo demostrado usando chown para eliminar una capacidad una capacidad de ping o del programa dumpcap de Wireshark. • http://marc.info/?l=linux-kernel&m=142153722930533&w=2 http://www.openwall.com/lists/oss-security/2015/01/24/5 http://www.securityfocus.com/bid/76075 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492 https://bugzilla.redhat.com/show_bug.cgi?id=1185139 • CWE-552: Files or Directories Accessible to External Parties •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. La implementación de signal en el Kernel de Linux en versiones anteriores a 4.3.5 sobre plataformas powerpc no verifica que exista un MSR con los bits S y T establecidos, lo que permite a usuarios locales provocar una denegación de servicio (excepción TM Bad Thing exception y pánico) a través de una aplicación manipulada. A flaw was found in the Linux kernel which could cause a kernel panic when restoring machine specific registers on the PowerPC platform. Incorrect transactional memory state registers could inadvertently change the call path on return from userspace and cause the kernel to enter an unknown state and crash. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d2b9d2a5ad5ef04ff978c9923d19730cb05efd55 http://rhn.redhat.com/errata/RHSA-2016-2574.html http://rhn.redhat.com/errata/RHSA-2016-2584.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5 http://www.openwall.com/lists/oss-security/2016/04/13/1 http://www.securitytracker.com/id/1035594 https://bugzilla.redhat.com/show_bug.cgi?id=1326540 https://github.com/torvalds/linux/commit/d2b9d2a5ad5ef0 • CWE-20: Improper Input Validation CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted application, related to arch/s390/include/asm/mmu_context.h and arch/s390/include/asm/pgalloc.h. La implementación fork en el kernel de Linux en versiones anteriores a 4.5 en la plataforma s390 no maneja correctamente el caso de los cuatro niveles de la tabla de página, lo que permite a usuarios locales causar una denegación de servicio (caída de sistema) o posiblemente tener otro impacto no especificado a través de una aplicación manipulada, relacionado con arch/s390/include/asm/mmu_context.h y arch/s390/include/asm/pgalloc.h. It was reported that on s390x, the fork of a process with four page table levels will cause memory corruption with a variety of symptoms. All processes are created with three level page table and a limit of 4TB for the address space. If the parent process has four page table levels with a limit of 8PB, the function that duplicates the address space will try to copy memory areas outside of the address space limit for the child process. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://lists.opensuse.org • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 1

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints. La función aiptek_probe en drivers/input/tablet/aiptek.c en el Kernel de Linux en versiones anteriores a 4.4 permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) a través de un dispositivo USB manipulado que carece de dispositivos finales. • https://www.exploit-db.com/exploits/39544 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e20cf2bce122ce9262d6034ee5d5b76fbb92f96 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html http://www.debian.org/security/2016/dsa-3607 http://www.securityfocus.com/bid/84288 http://www.ubuntu.com/usn/USN • CWE-476: NULL Pointer Dereference •