CVE-2015-7566 – Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
https://notcve.org/view.php?id=CVE-2015-7566
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint. La función clie_5_attach en drivers/usb/serial/visor.c en el kernel de Linux hasta la versión 4.4.1 permite a atacantes físicamente próximos provocar una denegación de servicio (referencia a puntero NULL y caída del sistema) o posiblemente tener otro impacto no especificado insertando un dispositivo USB que carezca de un punto final de expansión. Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (clie_5_attach) driver. • https://www.exploit-db.com/exploits/39540 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html http://lists.opensuse.org/opensuse-sec •
CVE-2015-8550
https://notcve.org/view.php?id=CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability. Xen, cuando se utiliza en un sistema que proporciona backends PV, permite a administradores locales del SO invitado causar una denegación de servicio (caída de SO anfitrión) o la obtención de privilegios escribiendo en la memoria compartida por el frontend y el backend, también conocida como una vulnerabilidad de doble recuperación. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://www.debian.org/security/2016/dsa-3434 http://www.debian.org/security/2016/dsa-3471 http://www.debian.org/security/2016/dsa-3519 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/79592 http://ww • CWE-284: Improper Access Control •
CVE-2015-8552
https://notcve.org/view.php?id=CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks." El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y utiliza Linux 3.1.x hasta la versión 4.3.x como dominio de controlador, permite a administradores locales invitados generar un flujo continuo de mensajes WARN y provocar una denegación de servicio (consumo de disco) aprovechando un sistema con acceso a un dispositivo físico PCI capaz de pasar a través de MSI o MSI-X y operaciones XEN_PCI_OP_enable_msi, también conocido como "Lenux pciback missing sanity checks". • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-20: Improper Input Validation •
CVE-2015-7833
https://notcve.org/view.php?id=CVE-2015-7833
The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor. El controlador usbvision en el paquete del kernel de Linux 3.10.0-123.20.1.el7 hasta la versión 3.10.0-229.14.1.el7 en Red Hat Enterprise Linux (RHEL) 7.1 permite a atacantes físicamente próximos provocar una denegación de servicio (panic) a través de un valor bInterfaceNumber distinto de cero en un descriptor de dispositivo USB. • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html http://www.debian.org/security/2015/dsa-3396 http://www.debian.org/security/2015/dsa-3426 http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf http://www.securityfocus • CWE-17: DEPRECATED: Code •
CVE-2014-8559 – kernel: fs: deadlock due to incorrect usage of rename_lock
https://notcve.org/view.php?id=CVE-2014-8559
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. La función d_walk en fs/dcache.c en el kernel de Linux hasta 3.17.2 no mantiene debidamente la semántica de rename_lock, lo que permite a usuarios locales causar una denegación de servicio (bloqueo y cuelgue del sistema) a través de una aplicación manipulada. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. • http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-1976.html http: • CWE-400: Uncontrolled Resource Consumption •