CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 3CVE-2014-8559 – kernel: fs: deadlock due to incorrect usage of rename_lock
https://notcve.org/view.php?id=CVE-2014-8559
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. La función d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la semántica de rename_lock, lo que permite a usuarios locales causar una denegación de servicio (bloqueo y cuelgue del sistema) a través de una aplicación manipulada. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. • http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-1976.html http:&# • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2014-3690 – kernel: kvm: vmx: invalid host cr4 handling across vm entries
https://notcve.org/view.php?id=CVE-2014-3690
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. arch/x86/kvm/vmx.c en el subsistema KVM en el kernel de Linux anterior a 3.17.2 en los procesadores Intel no asegura que el valor en el registro de control CR4 queda igual después de una entrada VM, lo que permite a usuarios del sistema operativo anfitrión cancelar varios procesos o causar una denegación de servicio (interrupción del sistema) mediante el aprovechamiento del acceso a /dev/kvm, tal y como fue demostrado por llamadas a prctl PR_SET_TSC dentro de una copia modificada de QEMU. It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause a denial of service on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d974baa398f34393db76be45f7d4d04fbdbb4a0a http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA&# • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 90%CPEs: 21EXPL: 2CVE-2014-3673 – kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks
https://notcve.org/view.php?id=CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and net/sctp/sm_statefuns.c. La implementación SCTP en el kernel de Linux hasta 3.17.2 permite a atacantes remotos causar una denegación de servicio (caída del sistema) a través de un chunk ASCONF malformado, relacionado con net/sctp/sm_make_chunk.c y net/sctp/sm_statefuns.c. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled malformed Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 http://linux.oracle.com/errata/ELSA-2014-3087.html http://linux.oracle.com/errata/ELSA-2014-3088.html http://linux.oracle.com/errata/ELSA-2014-3089.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 73EXPL: 0CVE-2014-7207
https://notcve.org/view.php?id=CVE-2014-7207
A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap device access. Cierto parche de Debian a la implementación IPv6 en el kernel de Linux 3.2.x hasta 3.2.63 no valida debidamente los argumentos en llamadas a la función ipv6_select_ident, lo que permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo y caída del sistema) mediante el aprovechamiento del acceso al dispositivo (1) tun o (2) macvtap. • http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/11/02/1 http://www.securityfocus.com/bid/70867 http://www.ubuntu.com/usn/USN-2417-1 http://www.ubuntu.com/usn/USN-2418-1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766195 •
CVSS: 7.1EPSS: 20%CPEs: 204EXPL: 1CVE-2014-3688 – kernel: net: sctp: remote memory pressure from excessive queueing
https://notcve.org/view.php?id=CVE-2014-3688
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. La implementación SCTP en el kernel de Linux anterior a 3.17.4 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) mediante la provocación de un gran número de trozos (chunks) en la cola de salidas de una asociación, tal y como fue demostrado por sondas ASCONF, relacionado con net/sctp/inqueue.c y net/sctp/sm_statefuns.c. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://marc.info/?l=bugtraq&m=142722450701342&w=2 http://marc.info/?l=bugtraq& • CWE-399: Resource Management Errors •