CVE-2017-5897
https://notcve.org/view.php?id=CVE-2017-5897
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. La función ip6gre_err en net/ipv6/ip6_gre.c en el kernel de Linux permite a atacantes remotos tener impacto no especificado a través de vectores involucrando indicadores GRE flags en un paquete IPv6, que desencadenan un acceso fuera de los límites. • http://www.debian.org/security/2017/dsa-3791 http://www.openwall.com/lists/oss-security/2017/02/07/2 http://www.securityfocus.com/bid/96037 http://www.securitytracker.com/id/1037794 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=7892032cfe67f4bde6fc2ee967e45a8fbaf33756 https://source.android.com/security/bulletin/2017-09-01 https://usn.ubuntu.com/3754-1 • CWE-125: Out-of-bounds Read •
CVE-2017-2618 – kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
https://notcve.org/view.php?id=CVE-2017-2618
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. Se ha encontrado un fallo en el manejo del kernel de Linux para borrar los atributos SELinux de los ficheros /proc/pid/attr en versiones anteriores a la 4.9.10. Una escritura vacía (null) en este archivo puede cerrar de manera inesperada el sistema haciendo que el sistema intente acceder a la memoria no mapeada del kernel. A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. • http://www.securityfocus.com/bid/96272 https://access.redhat.com/errata/RHSA-2017:0931 https://access.redhat.com/errata/RHSA-2017:0932 https://access.redhat.com/errata/RHSA-2017:0933 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2618 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c461cb727d146c9ef2d3e86214f498b78b7d125 https://marc.info/?l=selinux&m=148588165923772&w=2 https://www.debian.org/security/2017/dsa-3791 https://access.redhat. • CWE-193: Off-by-one Error CWE-682: Incorrect Calculation •
CVE-2017-6214 – kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
https://notcve.org/view.php?id=CVE-2017-6214
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. La función tcp_splice_read en net/ipv4/tcp.c en el kernel de Linux en versiones anteriores a 4.9.11 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y bloqueo débil) a través de vectores que involucran un paquete TCP con la bandera URG. A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82 http://www.debian.org/security/2017/dsa-3804 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11 http://www.securityfocus.com/bid/96421 http://www.securitytracker.com/id/1037897 https://access.redhat.com/errata/RHSA-2017:1372 https://access.redhat.com/errata/RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1616 https://access.redhat.com/errata& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2016-8636
https://notcve.org/view.php?id=CVE-2016-8636
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology. Desbordamiento de entero en la función mem_check_range en drivers/infiniband/sw/rxe/rxe_mr.c en el kernel de Linux en versiones anteriores a 4.9.10 permite a usuarios locales provocar una denegación de servicio (corrupción de memoria), obtener información sensible desde la memoria del kernel, o posiblemente tener otro impacto no especificado a través de una petición de escritura o lectura involucrando a la tecnología "RDMA protocol over infiniband" (también conocida como Soft RoCE). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=647bf3d8a8e5777319da92af672289b2a6c4dc66 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.10 http://www.openwall.com/lists/oss-security/2017/02/11/9 http://www.securityfocus.com/bid/96189 https://bugzilla.redhat.com/show_bug.cgi?id=1421981 https://eyalitkin.wordpress.com/2017/02/11/cve-publication-cve-2016-8636 https://github.com/torvalds/linux/commit/647bf3d8a8e5777319da92af672289b2a6c4dc66 • CWE-190: Integer Overflow or Wraparound •
CVE-2017-6001 – kernel: Race condition between multiple sys_perf_event_open() calls
https://notcve.org/view.php?id=CVE-2017-6001
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786. Condición de carrera en kernel/events/core.c en el kernel de Linux en versiones anteriores a 4.9.7 permite a usuarios locales obtener privilegios a través de una aplicación manipulada que hace llamadas concurrentes al sistema perf_event_open para mover un grupo de software en un contexto hardware. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2016-6786. It was found that the original fix for CVE-2016-6786 was incomplete. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=321027c1fe77f892f4ea07846aeae08cefbbb290 http://www.debian.org/security/2017/dsa-3791 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 http://www.openwall.com/lists/oss-security/2017/02/16/1 http://www.securityfocus.com/bid/96264 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2669 https://a • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •