Page 568 of 3240 results (0.018 seconds)

CVSS: 7.8EPSS: 22%CPEs: 14EXPL: 0

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. Vulnerabilidad en las funciones (1) udp_recvmsg y (2) udpv6_recvmsg en el kernel de Linux en versiones anteriores a 4.0.6, no considera adecuadamente ceder un procesador, lo que permite a atacantes remotos causar una denegación de servicio (colgado del sistema) a través de sumas de comprobación incorrectas dentro de una inundación de paquetes UDP. A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=beb39db59d14990e401e235faf66a6b9b31240b0 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse&# • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted access to a device file under the /dev/pts directory. La función tty_open en drivers/tty/tty_io.c en el kernel de Linux en versiones anteriores a 3.1.1 no maneja adecuadamente un fallo de búsqueda de controlador, lo que permite a usuarios locales provocar una denegación de servicio (referencia a puntero NULL y caída de sistema) o posiblemente tener otro impacto no especificado a través de acceso manipulado a un archivo de dispositivo bajo el directorio /dev/pts. A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 http://rhn.redhat.com/errata/RHSA-2015-1221.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.1 http://www.openwall.com/lists/oss-security/2015/03/13/17 https://bugzilla.redhat.com/show_bug.cgi?id=1201887 https://github.com/torvalds/linux/commit/c290f8358acaeffd8e0c551ddcc24d1206143376 https://access.redhat.com/security/cve/CVE-2011-5321 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler. Vulnerabilidad en la función bpf_int_jit_compile en arch/x86/net/bpf_jit_comp.c en el kernel de Linux en versiones anteriores a 4.0.6, permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la creación de un filtro de paquetes y después cargando instrucciones BPF manipuladas que desencadenan la convergencia tardía por el compilador JIT. A flaw was found in the kernel's implementation of the Berkeley Packet Filter (BPF). A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html http://lists.opensuse.org • CWE-17: DEPRECATED: Code CWE-665: Improper Initialization •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability. La función nft_flush_table en net/netfilter/nf_tables_api.c en el kernel de Linux en versiones anteriores a 3.18.5 no maneja adecuadamente la interacción entre saltos cross-chain y borrado de conjuntos de reglas, lo que permite a usuarios locales provocar una denegación de servicio (pánico) aprovechando la capacidad CAP_NET_ADMIN. A flaw was found in the way the nft_flush_table() function of the Linux kernel's netfilter tables implementation flushed rules that were referencing deleted chains. A local user who has the CAP_NET_ADMIN capability could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2f18db0c68fec96631c10cad9384c196e9008ac http://rhn.redhat.com/errata/RHSA-2015-1137.html http://rhn.redhat.com/errata/RHSA-2015-1138.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.5 http://www.openwall.com/lists/oss-security/2015/02/10/13 http://www.securityfocus.com/bid/72552 https://bugzilla.redhat.com/show_bug.cgi?id=1190966 https://github.com/torvalds/linux/commit/a2f18db0c68fec9 • CWE-19: Data Processing Errors CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 7

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace. La implementación de overlayfs en el paquete linux (también conocido como kernel Linux) en versiones anteriores a 3.19.0-21.21 en Ubuntu hasta la versión 15.04 no comprueba adecuadamente permisos para la creación de archivos en el directorio de sistema de archivos upper, lo que permite a usuarios locales obtener acceso de root aprovechando una configuración donde overlayfs es permitido en un espacio de nombre de montaje arbitrario. • https://www.exploit-db.com/exploits/40688 https://www.exploit-db.com/exploits/37293 https://www.exploit-db.com/exploits/37292 https://github.com/elit3pwner/CVE-2015-1328-GoldenEye https://github.com/notlikethis/CVE-2015-1328 https://github.com/SR7-HACKING/LINUX-VULNERABILITY-CVE-2015-1328 http://seclists.org/oss-sec/2015/q2/717 http://www.exploit-db.com/exploits/40688 http://www.securityfocus.com/bid/75206 https://people.canonical.com/~ubuntu-security/cve/2015/CVE • CWE-264: Permissions, Privileges, and Access Controls •