CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2012-6689 – libmnl: incorrect validation of netlink message origin allows attackers to spoof netlink messages
https://notcve.org/view.php?id=CVE-2012-6689
The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages. La función netlink_sendmsg en net/netlink/af_netlink.c en el kernel de Linux en versiones anteriores a 3.5.5 no valida el campo dst_pid, lo que permite a usuarios locales tener un impacto no especificado suplantando mensajes Netlink. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef http://marc.info/?l=linux-netdev&m=134522422125983&w=2 http://marc.info/?l=linux-netdev&m=134522422925986&w=2 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.5 http://www.openwall.com/lists/oss-security/2015/02/22/10 http://www.securityfocus.com/bid/72739 https://bugzilla.redhat.com/show_bug.cgi?id=848949 https://github.com/torvalds/linux/com • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4178
https://notcve.org/view.php?id=CVE-2015-4178
The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h. La implementación de fs_pin en el kernel de Linux en versiones anteriores a 4.0.5 no asegura la consistencia interna de una determinada estructura de datos de lista, lo que permite a usuarios locales provocar una denegación de servicio (caída de sistema) aprovechando acceso root al espacio de nombres de usuario para una llamada de sistema MNT_DETACH umount2, relacionado con fs/fs_pin.c y include/linux/fs_pin.h. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 http://openwall.com/lists/oss-security/2015/05/29/10 http://openwall.com/lists/oss-security/2015/05/29/5 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5 http://www.openwall.com/lists/oss-security/2015/06/04/5 https://bugzilla.redhat.com/show_bug.cgi?id=1249849 https://github.com/torvalds/linux/commit/820f9f147dcce2602eefd9b575bbbd9ea14f0953 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1604
https://notcve.org/view.php?id=CVE-2003-1604
The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787. La función redirect_target en net/ipv4/netfilter/ipt_REDIRECT.c en el kernel de Linux en versiones anteriores a 2.6.0 permite a atacantes remotos to provocar una denegación de servicio (referencia a puntero NULL y OOPS) enviando paquetes a una interfaz que tiene una dirección IP 0.0.0.0, un problema relacionado con CVE-2015-8787. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html http://marc.info/?l=netfilter-devel&m=106668497403047&w=2 http://www.openwall.com/lists/oss-security/2016/01/27/9 https://bugzilla.redhat.com/show_bug.cgi?id=1303072 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-2070
https://notcve.org/view.php?id=CVE-2016-2070
The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic. La función tcp_cwnd_reduction en net/ipv4/tcp_input.c en el kernel de Linux en versiones anteriores a 4.3.5 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de sistema) a través de tráfico TCP manipulado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b8a321ff72c785ed5e8b4cf6eda20b35d427390 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.5 http://www.openwall.com/lists/oss-security/2016/01/25/5 https://bugzilla.redhat.com/show_bug.cgi?id=1302219 https://github.com/torvalds/linux/commit/8b8a321ff72c785ed5e8b4cf6eda20b35d427390 • CWE-189: Numeric Errors •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8324 – kernel: Null pointer dereference when mounting ext4
https://notcve.org/view.php?id=CVE-2015-8324
The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted USB device, related to the ext4_fill_super function. La implementación de ext4 en el kernel de Linux en versiones anteriores a 2.6.34 no rastrea correctamente la inicalización de determinadas estructuras de datos, lo que permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y pánico) a través de un dispositivo USB manipulado, relacionado con la función ext4_fill_super. A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=744692dc059845b2a3022119871846e74d4f6e11 http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.34 http://rhn.redhat.com/errata/RHSA-2016-0855.html http://www.openwall.com/lists/oss-security/2015/11/23/2 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html https://bugzilla.redhat.com/show_bug.cgi?id=1267261 https://github.com/torvalds/linux/commit/744692dc059845b2a3022119871846e74d4f6e11 https • CWE-476: NULL Pointer Dereference •