Page 765 of 4812 results (0.022 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. Condicion de carrera en la funcionalidad ptrace en el kernel de Linux anterior a v3.7.5 permite a usuarios locales ganar privilegios de administrador mediante una llamada PTRACE_SETREGS ptrace en una aplicación manipulada, como se demostró con ptrace_death. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9899d11f654474d2d54ea52ceaa2a1f4db3abd68 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://rhn.redhat.com/errata/RHSA-2013-0567.html http://rhn.redhat.com/errata/RHSA-2013-0661.html http://rhn.redhat.com/errata/RHSA-2013-0662.html http& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 6.2EPSS: 0%CPEs: 167EXPL: 1

The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. La funcion msr_open en arch/x86/kernel/msr.c en el kernel de Linux anterior a v3.7.6 permite a usuarios locales eludir las capacidades de restricción mediante la ejecución de una aplicación manipulada como root, como se demostró con msr32.c. • https://www.exploit-db.com/exploits/27297 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c903f0456bc69176912dee6dd25c6a66ee1aed00 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6 http://www.openwall.com/lists/oss-security/2013/02/07/12 https://bugzilla.redhat.com/show_bug.cgi?id=908693 http • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.2EPSS: 0%CPEs: 170EXPL: 1

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. La funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados del OS generar una denegación de servicio (bucle) mediante una corrupción de puntero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/li • CWE-20: Improper Input Validation •

CVSS: 5.2EPSS: 0%CPEs: 170EXPL: 0

Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. Fuga de memoria (memory leaks) en drivers/net/xen-netback/netback.c en la funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados generar una denegación de servicio (corrupción de memoria) cuando se producen determinados errores de condición. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d5145d8eb2b9791533ffe4dc003b129b9696c48 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.8 http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/02/05/12 https://bugzilla.redhat.com/show_bug.cgi?id=910883 https://github.com/torvalds/linux/commit/7d5145d8eb2b9791533ffe4dc003b129b9696c48 • CWE-399: Resource Management Errors •

CVSS: 5.2EPSS: 0%CPEs: 11EXPL: 0

The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. La función pciback_enable_msi en el controlador PCI backend (drivers/xen/pciback/conf_space_capability_msi.c) en Xen para Linux kernel v2.6.18 y v3.8, permite que los usuarios de los sistemas operativos huésped (guest) puedan provocar una denegación de servicio a través de un número elevado de mensajes de log del kernel. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://osvdb.org/89903 http://secunia.com/advisories/52059 http://www.debian.org/security/2013/dsa-2632 http://www.openwall.com/lists/oss-security/2013/02/05/9 http://www.securityfocus.com/bid/57740 https://exchange.xforce.ibmcloud.com/vulnerabilities/81923 https& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •