CVSS: 6.1EPSS: 0%CPEs: 204EXPL: 0CVE-2014-8884 – kernel: usb: buffer overflow in ttusb-dec
https://notcve.org/view.php?id=CVE-2014-8884
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call. Desbordamiento de buffer basado en pila en la función ttusbdecfe_dvbs_diseqc_send_master_cmd en drivers/media/usb/ttusb-dec/ttusbdecfe.c en el kernel de Linux anterior a 3.17.4 permite a usuarios locales causar una denegación de servicio (caída del sistema) o posiblemente ganar privilegios a través de una longitud de mensaje grande en una llamada ioctl. A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f2e323ec96077642d397bb1c355def536d489d16 http://rhn.redhat.com/errata/RHSA-2015-0290.html http://rhn.redhat.com/errata/RHSA-2015-0782.html http://rhn.redhat.com/errata/RHSA-2015-0864.html http://secunia.com/advisories/62305 http://www.debian.org/security/2014/dsa-3093 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/14/7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7843
https://notcve.org/view.php?id=CVE-2014-7843
The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary. La función __clear_user en arch/arm64/lib/clear_user.S en el kernel de Linux anterior a 3.17.4 en la plataforma ARM64 permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante la lectura de un byte más allá del límite de página /dev/zero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97fc15436b36ee3956efad83e22a557991f7d19d http://secunia.com/advisories/62305 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4 http://www.openwall.com/lists/oss-security/2014/11/13/5 http://www.securityfocus.com/bid/71082 https://bugzilla.redhat.com/show_bug.cgi?id=1163744 https://github.com/torvalds/linux/commit/97fc15436b36ee3956efad83e22a557991f7d19d • CWE-17: DEPRECATED: Code •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 3CVE-2014-8559 – kernel: fs: deadlock due to incorrect usage of rename_lock
https://notcve.org/view.php?id=CVE-2014-8559
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. La función d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la semántica de rename_lock, lo que permite a usuarios locales causar una denegación de servicio (bloqueo y cuelgue del sistema) a través de una aplicación manipulada. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. • http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-1976.html http:&# • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2014-8369 – kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path
https://notcve.org/view.php?id=CVE-2014-8369
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to cause a denial of service (host OS page unpinning) or possibly have unspecified other impact by leveraging guest OS privileges. NOTE: this vulnerability exists because of an incorrect fix for CVE-2014-3601. La función kvm_iommu_map_pages en virt/kvm/iommu.c en el kernel de Linux hasta 3.17.2 calcula mal el número de páginas durante el manejo de fallo en el mapeo, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio ( liberación de página del sistema operativo anfitrión) o posiblemente tener otro impacto no especificado mediante el aprovechamiento de los privilegios del sistema operativo invitado. NOTA: esta vulnerabilidad existe debido a una solución incorrecta para CVE-2014-3601. It was found that the fix for CVE-2014-3601 was incomplete: the Linux kernel's kvm_iommu_map_pages() function still handled IOMMU mapping failures incorrectly. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3d32e4dbe71374a6780eaf51d719d76f9a9bf22f http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-0674.html http://secunia.com/advisories/62326 http://secunia.com/advisories/62336 http://www.debian.org/security/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 2CVE-2014-8481
https://notcve.org/view.php?id=CVE-2014-8481
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480. El decodificador de instrucciones en arch/x86/kvm/emulate.c en el subsistema KVM en el kernel de Linux anterior a 3.18-rc2 no maneja debidamente las instrucciones inválidas, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (referencia a puntero nulo y caída del sistema operativo anfitrión) a través de una aplicación manipulada que provoca (1) una instrucción traída indebidamente o (2) una instrucción que ocupa demasiados bytes. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-8480. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a430c9166312e1aa3d80bce32374233bdbfeba32 http://secunia.com/advisories/62042 http://thread.gmane.org/gmane.comp.emulators.kvm.devel/128427 http://www.openwall.com/lists/oss-security/2014/10/23/7 https://bugzilla.redhat.com/show_bug.cgi?id=1156615 https://github.com/torvalds/linux/commit/a430c9166312e1aa3d80bce32374233bdbfeba32 • CWE-399: Resource Management Errors •