CVE-2015-2041
https://notcve.org/view.php?id=CVE-2015-2041
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. net/llc/sysctl_net_llc.c en el kernel de Linux anterior a 3.19 utiliza un tipo de datos incorrecto en una tabla sysctl, lo que permite a usuarios locales obtener información sensible de la memoria del kernel o posiblemente tener otro impacto no especificado mediante el acceso a una entrada sysctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://www.debian.org/security/2015/dsa-3237 http://www.openwall.com/lists/oss-secu • CWE-17: DEPRECATED: Code •
CVE-2015-0777
https://notcve.org/view.php?id=CVE-2015-0777
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors. drivers/xen/usbback/usbback.c en linux-2.6.18-xen-3.4.0 (también conocido como los parches de soporte Xen 3.4.x para el kernel de Linux 2.6.18), utilizado en el kernel de Linux 2.6.x y 3.x en SUSE Linux distributions, permite a usuarios del sistema operativo invitado obtener información sensible de localizaciones no inicializadas en la memoria del kernel del sistema operativo anfitrión a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html http://www.securityfocus.com/bid/73921 https://bugzilla.novell.com/show_bug.cgi?id=917830 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1465
https://notcve.org/view.php?id=CVE-2015-1465
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets. La implementación IPv4 en el kernel de Linux anterior a 3.18.8 no considera correctamente la longitud del periodo de gracia de Read-Copy Update (RCU) para redirigir búsquedas en la ausencia de cacheo, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria o caída de sistema) a través de una inundación de paquetes. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=df4d92549f23e1c037e83323aff58a21b3de7fe0 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.8 http://www.openwall.com/lists/oss-security/2015/02/03/13 http://www.securityfocus.com& • CWE-17: DEPRECATED: Code •
CVE-2015-2150
https://notcve.org/view.php?id=CVE-2015-2150
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. Xen 3.3.x hasta la versión 4.5.x y en el kernel de Linux hasta la versión 3.19.1 no restringe adecuadamente el acceso al registro de comandos PCI, lo que podría permitir a usuarios locales del SO invitados provocar una denegación de servicio (interrupción no enmascarable y caída del host) deshabilitando (1) la memoria o (2) la descodificación I/O para un dispositivo PCI Express posteriormente accediendo al dispositivo, lo que desencadena una respuesta Unsupported Request (UR). • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html http • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-8159 – kernel: infiniband: uverbs: unprotected physical memory access
https://notcve.org/view.php?id=CVE-2014-8159
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/. La implementación InfiniBand (IB) en el paquete del kernel de Linux anterior a 2.6.32-504.12.2 en Red Hat Enterprise Linux (RHEL) 6 no restringe adecuadamente el uso de User Verbs para el registro de regiones de memoria, lo que permite a usaurios locales acceder de forma arbitraria a ubicaciones de la memoria física, y consecuentemente causar una denegación de servicio (caída del sistema) u obtener privilegios, aprovechando permisos en un dispositivo uverbs bajo /dev/infiniband/. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg0001 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •