Page 558 of 4921 results (0.014 seconds)

CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-5873

https://notcve.org/view.php?id=CVE-2018-5873

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05. Debido a una condición de carrera al acceder a los archivos en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM y QRD Android) que utilizan el kernel de Linux antes del parche de seguridad de nivel del 05/07/2018, puede ocurrir una condición de uso de memoria previamente liberada en el kernel. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073c516ff73557a8f7315066856c04b50383ac34 https://github.com/torvalds/linux/commit/073c516ff73557a8f7315066856c04b50383ac34 https://source.android.com/security/bulletin/2018-07-01 https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=34742aaf7cb16c95edba4a7afed6d2c4fa7e434b https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 1

CVE-2018-13405 – Linux (Ubuntu) - Other Users coredumps Can Be Read via setgid Directory and killpriv Bypass

https://notcve.org/view.php?id=CVE-2018-13405

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. La función inode_init_owner en fs/inode.c en el kernel de Linux hasta la versión 3.16 permite a los usuarios locales crear archivos con una propiedad de grupo no deseada, en un escenario donde un directorio es SGID a un cierto grupo y es escribible por un usuario que no es miembro de ese grupo. • https://www.exploit-db.com/exploits/45033 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 http://openwall.com/lists/oss-security/2018/07/13/2 http://www.securityfocus.com/bid/106503 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0717 https://access.redhat.com/errata/RHSA- • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2018-13406

https://notcve.org/view.php?id=CVE-2018-13406

An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. Un desbordamiento de enteros en la función uvesafb_setcmap en drivers/video/fbdev/uvesafb.c en el kernel de Linux en versiones anteriores a la 4.17.4 podría resultar en que los atacantes locales puedan cerrar inesperadamente el kernel o elevar privilegios debido a que no se emplea kmalloc_array. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9f645bcc566a1e9f921bdae7528a01ced5bc3713 http://www.securityfocus.com/bid/104685 http://www.securitytracker.com/id/1041355 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.4 https://github.com/torvalds/linux/commit/9f645bcc566a1e9f921bdae7528a01ced5bc3713 https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com& • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-13093 – kernel: NULL pointer dereference in lookup_slow function

https://notcve.org/view.php?id=CVE-2018-13093

An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. Se ha descubierto un problema en fs/xfs/xfs_icache.c en el kernel de Linux hasta la versión 4.17.3. Existe una desreferencia de puntero NULL y pánico en lookup_slow() en un puntero NULL inode->i_ops cuando se navega por rutas en una imagen xfs corrupta. • https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://bugzilla.kernel.org/show_bug.cgi?id=199367 https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff https://github.com/torvalds/linux/commit/afca6c5b2595fc44383919fba740c194b0b76aff https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/4094-1 https://usn.ubuntu.com/4118-1 https://access.re • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2018-13094 – kernel: NULL pointer dereference in xfs_da_shrink_inode function

https://notcve.org/view.php?id=CVE-2018-13094

An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. Se ha descubierto un problema en fs/xfs/libxfs/xfs_attr_leaf.c en el kernel de Linux hasta la versión 4.17.3. Puede ocurrir un OOPS para una imagen xfs corrupta después de que se llame a xfs_da_shrink_inode() con un bp NULL. An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. • https://access.redhat.com/errata/RHSA-2019:0831 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://bugzilla.kernel.org/show_bug.cgi?id=199969 https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a https://github.com/torvalds/linux/commit/bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://usn.ubuntu.com/3752-1 https • CWE-476: NULL Pointer Dereference •