Page 829 of 4180 results (0.019 seconds)

CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue. udp_gro_receive_segment en net/ipv4/udp_offload.c en el kernel de Linux versiones desde la 5.x hasta la 5.0.13 permite a los atacantes remotos causar una denegación de servicio (corrupción de memoria fuera de límites) o posiblemente tener otro impacto no especificado a través de paquetes UDP con una carga útil de 0, debido a un manejo incorrecto de los paquetes de relleno, también conocido como el problema del "GRO packet of death". • http://www.openwall.com/lists/oss-security/2019/05/02/1 http://www.openwall.com/lists/oss-security/2019/05/05/4 http://www.securityfocus.com/bid/108142 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.13 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4dd2b82d5adfbe0b1587ccad7a8f76d826120f37 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7CYLTCIRTKUB4R2TLLUYPZLDQL44OBG https://security.netapp.com/advisory/ • CWE-787: Out-of-bounds Write •

CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 4

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c. La implementación del coredump en el kernel de Linux en versiones anteriores a 5.0.10, no utiliza mecanismos de bloqueo u otros mecanismos para evitar cambios en el layout de vma o en los flags vma mientras se ejecuta, lo que permite a los usuarios locales obtener información sensible, causar una denegación de servicio o posiblemente tener otro impacto no especificado al activar una condición de carrera con llamadas mmget_not_zero o get_task_mm. Esto está relacionado con fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, y drivers/infiniband/core/uverbs_main.c A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. • https://www.exploit-db.com/exploits/46781 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/04/29/1 http://www.openwall.com/lists/oss-security/2019/04/29/2 http://www& • CWE-667: Improper Locking •

CVSS: 7.7EPSS: 0%CPEs: 29EXPL: 0

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. Se encontró un problema de bucle infinito en el módulo del núcleo vhost_net en el kernel de Linux versiones anteriores a 5.1-rc6 inclusive, mientras manejaba los paquetes entrantes en handle_rx(). Puede ocurrir cuando un extremo envía los paquetes más rápido de lo que el otro extremo los procesa. • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.securityfocus.com/bid/108076 https://access.redhat.com/errata/RHSA-2019:1973 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:3220 https://access.redhat.com/errata/RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3517 https://access.redhat.com/errata/RHSA-2019:3836 http • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests. El kernel de Linux, en versiones anteriores a 5.1-rc5, permite el desbordamiento de la cuenta de referencia de página->_refcount, con los consiguientes problemas de uso de memoria después de su liberación, si existen alrededor de 140 GiB de RAM. Esto está relacionado con fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, y mm/hugetlb.c. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://www.openwall.com/lists/oss-security/2019/04/29/1 http://www.securityfocus.com/bid/108054 https://access.redhat.com/errata/RHSA-2019:2703 https://access.redhat.com/errata/RHSA-2019:2741 https://access.redhat.com/errata/RHSA-2020:0174 https://bugs.chrom • CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 0

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. El controlador de disciplina de línea Siemens R3964 en drivers/tty/n_r3964.c en el kernel de Linux antes de la versión 5.0.8 tiene múltiples condiciones de carrera. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html http://www.openwall.com/lists/oss-security/2019/04/29/1 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •