CVE-2018-12931 – kernel: stack-based out-of-bounds write in ntfs_attr_find in the ntfs.ko
https://notcve.org/view.php?id=CVE-2018-12931
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. ntfs_attr_find en el controlador en el sistema de archivos ntfs.ko en el kernel de Linux 4.15.0 permite que los atacantes desencadenen una escritura fuera de límites basada en la pila de memoria y provoquen una denegación de servicio (OOPS o pánico del kernel) o, posiblemente, provoquen otro impacto no especificado mediante un sistema de archivos ntfs manipulado. A flaw was found in ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem image. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://www.securityfocus.com/bid/104588 https://access.redhat.com/errata/RHSA-2019:0641 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403 https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2 https://access.redhat.com/security/cve/CVE-2018-12931 https://bugzilla.redhat.com/show_bug.cgi?id=1597843 • CWE-787: Out-of-bounds Write •
CVE-2018-12929 – kernel: use-after-free in ntfs_read_locked_inode in the ntfs.ko
https://notcve.org/view.php?id=CVE-2018-12929
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. ntfs_read_locked_inode en el controlador en el sistema de archivos ntfs.ko en el kernel de Linux 4.15.0 permite que los atacantes desencadenen una lectura de uso de memoria previamente liberada y, posiblemente, provoquen una denegación de servicio (OOPS o pánico del kernel) mediante un sistema de archivos ntfs manipulado. A flaw was found in ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a use-after-free read and possibly cause a denial of service via a crafted ntfs filesystem. • http://www.securityfocus.com/bid/104588 https://access.redhat.com/errata/RHSA-2019:0641 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403 https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2 https://access.redhat.com/security/cve/CVE-2018-12929 https://bugzilla.redhat.com/show_bug.cgi?id=1597831 • CWE-416: Use After Free •
CVE-2018-12930 – kernel: stack-based out-of-bounds write in ntfs_end_buffer_async_read in the ntfs.ko
https://notcve.org/view.php?id=CVE-2018-12930
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. ntfs_end_buffer_async_read en el controlador en el sistema de archivos ntfs.ko en el kernel de Linux 4.15.0 permite que los atacantes desencadenen una escritura fuera de límites basada en la pila de memoria y provoquen una denegación de servicio (OOPS o pánico del kernel) o, posiblemente, provoquen otro impacto no especificado mediante un sistema de archivos ntfs manipulado. A flaw was found in ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel. This allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service or possibly have unspecified other impact via a crafted ntfs filesystem. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. • http://www.securityfocus.com/bid/104588 https://access.redhat.com/errata/RHSA-2019:0641 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403 https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2 https://access.redhat.com/security/cve/CVE-2018-12930 https://bugzilla.redhat.com/show_bug.cgi?id=1597837 • CWE-787: Out-of-bounds Write •
CVE-2018-12928
https://notcve.org/view.php?id=CVE-2018-12928
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. En el kernel de Linux 4.15.0, se ha descubierto una desreferencia de puntero NULL en hfs_ext_read_extent en hfs.ko. Esto puede ocurrir cuando se monta un sistema de archivos hfs manipulado. • http://www.securityfocus.com/bid/104593 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384 https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2 • CWE-476: NULL Pointer Dereference •
CVE-2018-12904 – KVM (Nested Virtualization) - L1 Guest Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-12904
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. En arch/x86/kvm/vmx.c en el kernel de Linux en versiones anteriores a la 4.17.2, cuando se emplea la virtualización anidada, los atacantes locales podrían hacer que los invitados L1 KVM realizasen un VMEXIT, permitiendo escalados de privilegios y ataques de denegación de servicio (DoS) debido a la falta de comprobación de CPL. • https://www.exploit-db.com/exploits/44944 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=727ba748e110b4de50d142edca9d6a9b7e6111d8 https://bugs.chromium.org/p/project-zero/issues/detail?id=1589 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.2 https://github.com/torvalds/linux/commit/727ba748e110b4de50d142edca9d6a9b7e6111d8 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 •