CVE-2013-4343 – Kernel: net: use-after-free TUNSETIFF
https://notcve.org/view.php?id=CVE-2013-4343
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call. Vulnerabilidad de uso despues de liberación en drivers/net/tun.c en el kernel Linux 3.11.1 permite a usuarios locales obtener privilegios aprovechado CAP_NET_ADMIN e introduciendo un nombre de interfaz tuntap inválido en una llamada TUNSETIFF ioctl. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://marc.info/?l=linux-kernel&m=137889490510745&w=2 http://rhn.redhat.com/errata/RHSA-2013-1490.html http://www.openwall.com/lists/oss-security/2013/09/12/3 http://www.spinics.net/lists/netdev/msg250066.html http://www.ubuntu.com/usn/USN-2020-1 http • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVE-2013-2058 – Kernel: usb: chipidea: Allow disabling streaming not just in udc mode
https://notcve.org/view.php?id=CVE-2013-2058
The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter. La función host_start en drivers/usb/Chipidea/host.c en el kernel de Linux anterior a la versión 3.7.4 no soporta adecuadamente una determinada opción no-streaming, que permite a usuarios locales provocar una denegación de servicio (caída del sistema) mediante el envío de un gran cantidad de tráfico de red a través de un adaptador USB/Ethernet. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=929473ea05db455ad88cdc081f2adc556b8dc48f http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.4 http://www.openwall.com/lists/oss-security/2013/05/05/2 https://bugzilla.redhat.com/show_bug.cgi?id=959210 https://github.com/torvalds/linux/commit/929473ea05db455ad88cdc081f2adc556b8dc48f https://access.redhat.com/security/cve/CVE-2013-2058 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-2894
https://notcve.org/view.php?id=CVE-2013-2894
drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device. El driver en el subsistema del Interfaz de Dispositivo Humano (HID) en el núcleo de Linux hasta 3.11 cuando es habilitada CONFIG_HID_LENOVO_TPKBD permite a atacantes físicos causar denegación de servicio (escritura fuera de rango en memoria dinámica) a través de un servicio manipulado • http://marc.info/?l=linux-input&m=137772187514628&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://www.ubuntu.com/usn/USN-2020-1 http://www.ubuntu.com/usn/USN-2023-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-2888 – Kernel: HID: memory corruption flaw
https://notcve.org/view.php?id=CVE-2013-2888
Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID. Multiples indices de array en drivers/hid/hid-core.c del subsistema Dispositivo de Interfaz Humano (HID) en el núcleo de Linux hasta 3.11, permite a atacantes físicos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria dinámica) a través de un dispositivo manipulado que proporcione un Report ID inválido • http://marc.info/?l=linux-input&m=137772180514608&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://rhn.redhat.com/errata/RHSA-2013-1490.html http://rhn.redhat.com/errata/RHSA-2013-1645.html http://www.debian.org/security/2013/dsa-2766 http://www.ubuntu.com/usn/USN-1976-1 http://www.ubuntu.com/usn/USN-1977-1 http://www.ubuntu.com/usn/USN-1995-1 http://www.ubuntu.com/usn/USN-1998-1 http://www.ubuntu.com/usn/USN-2019- • CWE-20: Improper Input Validation •
CVE-2013-2896 – Kernel: HID: ntrig: NULL pointer dereference
https://notcve.org/view.php?id=CVE-2013-2896
drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device. drivers/hid/hid-ntrig.c en el subsistema Human Interface Device (HID) del kernel Linux hasta 3.11, cuando CONFIG_HID_NTRIG es activado, permite a atacantes con acceso físico causar una denegación de servicio (referencia a puntero nulo y OOPS) a través de un dispositivo manipulado. • http://marc.info/?l=linux-input&m=137772189314633&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://rhn.redhat.com/errata/RHSA-2013-1490.html http://www.ubuntu.com/usn/USN-1995-1 http://www.ubuntu.com/usn/USN-1998-1 http://www.ubuntu.com/usn/USN-2019-1 http://www.ubuntu.com/usn/USN-2021-1 http://www.ubuntu.com/usn/USN-2022-1 http://www.ubuntu.com/usn/USN-2024-1 http://www.ubuntu.com/usn/USN-2038-1 http:/ • CWE-476: NULL Pointer Dereference •