Page 715 of 4812 results (0.060 seconds)

CVSS: 7.1EPSS: 7%CPEs: 8EXPL: 3

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor. net/ceph/auth_x.c en Ceph, utilizado en el kernel de Linux anterior a 3.16.3, no valida debidamente las respuestas de autor válidas, lo que permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impacto no especificado a través de datos manipulados de la dirección IP de un monitor Ceph. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c27a3e4d667fdcad3db7b104f75659478e0c68d8 http://tracker.ceph.com/issues/8979 http://tracker.ceph.com/issues/9561 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 http://www.openwall.com/lists/oss-security/2014/09/15/7 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378-1 http://www.ubuntu.com/usn/USN • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 0

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. Desbordamiento de buffer en la función picolcd_raw_event en devices/hid/hid-picolcd_core.c en el controlador de dispositivos PicoLCD HID en el kernel de Linux hasta 3.16.3, utilizado en Android en los dispositivos Nexus 7, permite a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblemente ejecutar código arbitrario a través de un dispositivo manipulado que envía un informe grande. A buffer overflow flaw was found in the way the Minibox PicoLCD driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=844817e47eef14141cf59b8d5ac08dd11c0a9189 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.openwall.com/lists/oss-security/2014/09/11/22 http://www.securityfocus.com/bid/69763 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/USN-2377-1 http://www.ubuntu.com/usn/USN-2378- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0

Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with an event. Múltiples desbordamientos de buffer basado en pila en la función magicmouse_raw_event en drivers/hid/hid-magicmouse.c en el controlador Magic Mouse HID en el kernel de Linux hasta 3.16.3 permiten a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblemente ejecutar código arbitrario a través de un dispositivo que proporciona una cantidad grande de datos (1) EHCI o (2) XHCI asociados con un evento. An out-of-bounds write flaw was found in the way the Apple Magic Mouse/Trackpad multi-touch driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c54def7bd64d7c0b6993336abcffb8444795bf38 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2014-1318.html http://www.openwall.com/lists/oss-security/2014/09/11/21 http://www.securityfocus.com/bid/69779 http://www.ubuntu.com/usn/USN-2376-1 http://www.ubuntu.com/usn/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. Desbordamiento de buffer basado en memoria dinámica en la función logi_dj_ll_raw_request en drivers/hid/hid-logitech-dj.c en el kernel de Linux anterior a 3.16.2 permite a atacantes físicamente próximos causar una denegación de servicio (caída del sistema) o posiblemente ejecutar código arbitrario a través de un dispositivo manipulado que especifica un tamaño de informe grande para un informe LED. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51217e69697fba92a06e07e16f55c9a52d8e8945 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.2 http://www.openwall.com/lists/oss-security/2014/09/11/21 https://bugzilla.redhat.com/show_bug.cgi?id=1141344 https://code.google.com/p/google-security-research/issues/detail?id=90 https://github.com/torvalds/linux/commit/51217e69697fba92a06e07e16f55c9a52d8e8945 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals. La función SMB2_tcon en fs/cifs/smb2pdu.c en el kernel de Linux anterior a 3.16.3 permite a servidores remotos CIFS causar una denegación de servicio (referencia a puntero nulo y caída del sistema cliente) o posiblemente tener otro impacto no especificado mediante la eliminación de el compartido IPC$ durante la resolución de las referencias DFS. A NULL pointer dereference flaw was found in the way the Linux kernel's Common Internet File System (CIFS) implementation handled mounting of file system shares. A remote attacker could use this flaw to crash a client system that would mount a file system share from a malicious server. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=18f39e7be0121317550d03e267e3ebd4dbfbb3ce http://rhn.redhat.com/errata/RHSA-2015-0102.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3 http://www.openwall.com/lists/oss-security/2014/09/22/4 http://www.securityfocus.com/bid/69867 http://www.ubuntu.com/usn/USN-2394-1 https://github.com/torvalds/linux/commit/18f39e7be0121317550d03e267e3ebd4dbfbb3ce https://access.redhat.com/security/cve& • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •