CVE-2015-5327
https://notcve.org/view.php?id=CVE-2015-5327
Out-of-bounds memory read in the x509_decode_time function in x509_cert_parser.c in Linux kernels 4.3-rc1 and after. Existe una lectura de memoria fuera de límites en la función x509_decode_time en x509_cert_parser.c en los kernels de Linux 4.3-rc1 y posteriores. • http://www.openwall.com/lists/oss-security/2015/11/27/1 https://bugzilla.redhat.com/show_bug.cgi?id=1278978 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206 • CWE-125: Out-of-bounds Read •
CVE-2017-12153
https://notcve.org/view.php?id=CVE-2017-12153
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. Se descubrió un fallo de seguridad en la función nl80211_set_rekey_data() en net/wireless/nl80211.c en el kernel de Linux hasta la versión 4.13.3. La función no comprueba si los atributos requeridos están presentes en una petición Netlink. • http://seclists.org/oss-sec/2017/q3/437 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/100855 https://bugzilla.novell.com/show_bug.cgi?id=1058410 https://bugzilla.redhat.com/show_bug.cgi?id=1491046 https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888 https://marc.info/?t=150525503100001&r=1&w=2 https://usn.ubuntu.com/3583-1 https://usn.ubuntu.com/3583-2 • CWE-476: NULL Pointer Dereference •
CVE-2017-12168
https://notcve.org/view.php?id=CVE-2017-12168
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR). La función access_pmu_evcntr en arch/arm64/kvm/sys_regs.c en el kernel Linux en versiones anteriores a la 4.8.11 permite que los usuarios KVM invitados del sistema operativo provoquen una denegación de servicio (fallo de aserción y cierre inesperado del sistema operativo del host) accediendo a Performance Monitors Cycle Count Register (PMCCNTR). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9e3f7a29694049edd728e2400ab57ad7553e5aa9 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.11 https://bugzilla.redhat.com/show_bug.cgi?id=1492984 https://github.com/torvalds/linux/commit/9e3f7a29694049edd728e2400ab57ad7553e5aa9 • CWE-617: Reachable Assertion •
CVE-2017-14497
https://notcve.org/view.php?id=CVE-2017-14497
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls. La función tpacket_rcv en net/packet/af_packet.c en el kernel de Linux en versiones anteriores a la 4.13 no gestiona correctamente cabeceras vnet, lo que podría permitir que usuarios locales provoquen una denegación de servicio (desbordamiento de búfer y corrupción de disco y de memoria) o, posiblemente, provoquen otro impacto sin especificar mediante llamadas del sistema manipuladas. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edbd58be15a957f6a760c4a514cd475217eb97fd http://seclists.org/oss-sec/2017/q3/476 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/100871 http://www.securitytracker.com/id/1039371 http://www.securitytracker.com/id/1040106 https://bugzilla.redhat.com/show_bug.cgi?id=1492593 https://github.com/torvalds/linux/commit/edbd58be15a957f6a760c4a514cd475217eb97fd https://marc.info/?l=linux-kernel&m • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-14340 – kernel: xfs: unprivileged user kernel oops
https://notcve.org/view.php?id=CVE-2017-14340
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. La macro XFS_IS_REALTIME_INODE en fs/xfs/xfs_linux.h en el kernel de Linux en versiones anteriores a la 4.13.2 no verifica que un sistema de archivos tenga un dispositivo realtime, lo que permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL y OOPS) mediante vectores relacionados con la configuración de una marca RHINHERIT en un directorio. A flaw was found where the XFS filesystem code mishandles a user-settable inode flag in the Linux kernel prior to 4.14-rc1. This can cause a local denial of service via a kernel panic. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc http://seclists.org/oss-sec/2017/q3/436 http://www.debian.org/security/2017/dsa-3981 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2 http://www.securityfocus.com/bid/100851 https://access.redhat.com/errata/RHSA-2017:2918 https://bugzilla.redhat.com/show_bug.cgi?id=1491344 https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc https: • CWE-391: Unchecked Error Condition CWE-476: NULL Pointer Dereference •