CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12153
https://notcve.org/view.php?id=CVE-2017-12153
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash. Se descubrió un fallo de seguridad en la función nl80211_set_rekey_data() en net/wireless/nl80211.c en el kernel de Linux hasta la versión 4.13.3. La función no comprueba si los atributos requeridos están presentes en una petición Netlink. • http://seclists.org/oss-sec/2017/q3/437 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/100855 https://bugzilla.novell.com/show_bug.cgi?id=1058410 https://bugzilla.redhat.com/show_bug.cgi?id=1491046 https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888 https://marc.info/?t=150525503100001&r=1&w=2 https://usn.ubuntu.com/3583-1 https://usn.ubuntu.com/3583-2 • CWE-476: NULL Pointer Dereference •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12168
https://notcve.org/view.php?id=CVE-2017-12168
The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR). La función access_pmu_evcntr en arch/arm64/kvm/sys_regs.c en el kernel Linux en versiones anteriores a la 4.8.11 permite que los usuarios KVM invitados del sistema operativo provoquen una denegación de servicio (fallo de aserción y cierre inesperado del sistema operativo del host) accediendo a Performance Monitors Cycle Count Register (PMCCNTR). • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9e3f7a29694049edd728e2400ab57ad7553e5aa9 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.11 https://bugzilla.redhat.com/show_bug.cgi?id=1492984 https://github.com/torvalds/linux/commit/9e3f7a29694049edd728e2400ab57ad7553e5aa9 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-14497
https://notcve.org/view.php?id=CVE-2017-14497
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before 4.13 mishandles vnet headers, which might allow local users to cause a denial of service (buffer overflow, and disk and memory corruption) or possibly have unspecified other impact via crafted system calls. La función tpacket_rcv en net/packet/af_packet.c en el kernel de Linux en versiones anteriores a la 4.13 no gestiona correctamente cabeceras vnet, lo que podría permitir que usuarios locales provoquen una denegación de servicio (desbordamiento de búfer y corrupción de disco y de memoria) o, posiblemente, provoquen otro impacto sin especificar mediante llamadas del sistema manipuladas. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edbd58be15a957f6a760c4a514cd475217eb97fd http://seclists.org/oss-sec/2017/q3/476 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/100871 http://www.securitytracker.com/id/1039371 http://www.securitytracker.com/id/1040106 https://bugzilla.redhat.com/show_bug.cgi?id=1492593 https://github.com/torvalds/linux/commit/edbd58be15a957f6a760c4a514cd475217eb97fd https://marc.info/?l=linux-kernel&m&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14340 – kernel: xfs: unprivileged user kernel oops
https://notcve.org/view.php?id=CVE-2017-14340
The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory. La macro XFS_IS_REALTIME_INODE en fs/xfs/xfs_linux.h en el kernel de Linux en versiones anteriores a la 4.13.2 no verifica que un sistema de archivos tenga un dispositivo realtime, lo que permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULL y OOPS) mediante vectores relacionados con la configuración de una marca RHINHERIT en un directorio. A flaw was found where the XFS filesystem code mishandles a user-settable inode flag in the Linux kernel prior to 4.14-rc1. This can cause a local denial of service via a kernel panic. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b31ff3cdf540110da4572e3e29bd172087af65cc http://seclists.org/oss-sec/2017/q3/436 http://www.debian.org/security/2017/dsa-3981 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.2 http://www.securityfocus.com/bid/100851 https://access.redhat.com/errata/RHSA-2017:2918 https://bugzilla.redhat.com/show_bug.cgi?id=1491344 https://github.com/torvalds/linux/commit/b31ff3cdf540110da4572e3e29bd172087af65cc https:&# • CWE-391: Unchecked Error Condition CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14489 – Linux Kernel < 4.14.rc3 - Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-14489
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation. La función iscsi_if_rx en drivers/scsi/scsi_transport_iscsi.c en el kernel de Linux hasta la versión 4.13.2 permite que usuarios locales provoquen una denegación de servicio (pánico) aprovechando que se realiza una validación de longitud incorrecta. Linux kernel versions prior to 4-14-rc3 suffer from a local denial of service vulnerability. • https://www.exploit-db.com/exploits/42932 http://www.debian.org/security/2017/dsa-3981 http://www.securityfocus.com/bid/101011 https://bugzilla.redhat.com/show_bug.cgi?id=1490421 https://patchwork.kernel.org/patch/9923803 https://usn.ubuntu.com/3583-1 https://usn.ubuntu.com/3583-2 • CWE-20: Improper Input Validation •