Page 577 of 4921 results (0.037 seconds)

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1

CVE-2018-1000004 – kernel: Race condition in sound system can lead to denial of service

https://notcve.org/view.php?id=CVE-2018-1000004

In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. En el kernel de Linux en versiones 4.12, 3.10, 2.6 y, probablemente, versiones anteriores, existe una vulnerabilidad en el sistema de sonido, lo que puede conducir a un deadlock y a una condición de denegación de servicio (DoS). In the Linux kernel versions 4.12, 3.10, 2.6, and possibly earlier, a race condition vulnerability exists in the sound system allowing for a potential deadlock and memory corruption due to use-after-free condition and thus denial of service. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://seclists.org/oss-sec/2018/q1/51 http://www.securityfocus.com/bid/104606 https://access.redhat.com/errata/RHSA-2018:0654 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2019:1483 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://lists.debian.org/debian-lts-announce/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-5703

https://notcve.org/view.php?id=CVE-2018-5703

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS. La función tcp_v6_syn_recv_sock en net/ipv6/tcp_ipv6.c en el kernel de Linux, en versiones hasta la 4.14.11, permite que los atacantes provoquen una denegación de servicio (escritura fuera de límites del bloque) o, posiblemente, causen otros impactos no especificados mediante vectores relacionados con TLS. • https://groups.google.com/d/msg/syzkaller-bugs/0PBeVnSzfqQ/5eXAlM46BQAJ • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-15128

https://notcve.org/view.php?id=CVE-2017-15128

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG). Se encontró un error en la función hugetlb_mcopy_atomic_pte en mm/hugetlb.c en el kernel de Linux en versiones anteriores a la 4.13.12. La falta de comprobación de tamaño podría provocar una denegación de servicio (error). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e3921471354244f70fe268586ff94a97a6dd4df https://access.redhat.com/security/cve/CVE-2017-15128 https://bugzilla.redhat.com/show_bug.cgi?id=1525222 https://github.com/torvalds/linux/commit/1e3921471354244f70fe268586ff94a97a6dd4df https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.12 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0

CVE-2017-15126 – kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c

https://notcve.org/view.php?id=CVE-2017-15126

A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be removed from an already freed list of events with userfaultfd_ctx_put(). Se ha encontrado un fallo de uso de memoria previamente liberada en fs/userfaultfd.c en el kernel de Linux en versiones anteriores a la 4.13.6. El problema se relaciona con la gestión del error de bifurcación al gestionar mensajes de evento. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=384632e67e0829deb8015ee6ad916b180049d252 http://www.securityfocus.com/bid/102516 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/security/cve/CVE-2017-15126 https://bugzilla.redhat.com/show_bug.cgi?id=1523481 https://github.com/torvalds/linux/commit/384632e67e0829deb8015ee6ad916b180049d252 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-15127 – kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c

https://notcve.org/view.php?id=CVE-2017-15127

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG). Se encontró un error en la función hugetlb_mcopy_atomic_pte en mm/hugetlb.c en el kernel de Linux en versiones anteriores a la 4.13. Un desbloqueo superfluo implícito de página para la representación hugetlbfs de VM_SHARED podría desembocar una denegación de servicio local (error). A flaw was found in the Linux kernel when freeing pages in hugetlbfs. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5af10dfd0afc559bb4b0f7e3e8227a1578333995 http://www.securityfocus.com/bid/102517 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/security/cve/CVE-2017-15127 https://bugzilla.redhat.com/show_bug.cgi?id=1525218 https://github.com/torvalds/linux/commit/5af10dfd0afc559bb4b0f7e3e8227a1578333995 • CWE-460: Improper Cleanup on Thrown Exception •