Page 11 of 162 results (0.020 seconds)

CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 2

CVE-2010-3858 – Linux Kernel 2.6.37 - 'setup_arg_pages()' Denial of Service

https://notcve.org/view.php?id=CVE-2010-3858

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240. La función setup_arg_pages en fs/exec.c en el kernel de Linux anterior a v2.6.36, cuando se utiliza CONFIG_STACK_GROWSDOWN, no restringe adecuadamente el consumo de memoria de pila de (1) los argumentos y (2) las variables de entorno para una aplicación de 32 bits en un plataforma de 64 bits, lo que permite a usuarios locales causar una denegación de servicio (mediante caída del sistema) a través de una system call debidamente modificada. Se trata de un problema relacionado con la CVE-2010-2240. • https://www.exploit-db.com/exploits/15619 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b528181b2ffa14721fb28ad1bd539fe1732c583 http://grsecurity.net/~spender/64bit_dos.c http://secunia.com/advisories/42758 http://secunia.com/advisories/42789 http://secunia.com/advisories/46397 http://www.debian.org/security/2010/dsa-2126 http://www.exploit-db.com/exploits/15619 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http:/ • CWE-400: Uncontrolled Resource Consumption •

CVSS: 1.9EPSS: 0%CPEs: 15EXPL: 0

CVE-2010-4072 – kernel: ipc/shm.c: reading uninitialized stack memory

https://notcve.org/view.php?id=CVE-2010-4072

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." La función copy_shmid_to_user de ipc/shm.c del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confidencial de la memoria de la pila a través de vectores de ataque relacionados con la llamada del sistema shmctl y el interfaz shm antigua. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3af54c9bd9e6f14f896aac1bb0e8405ae0bc7a44 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html http://lkml.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2010-3705 – kernel: sctp memory corruption in HMAC handling

https://notcve.org/view.php?id=CVE-2010-3705

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array. La función sctp_auth_asoc_get_hmac en net/sctp/auth.c en el kernel de Linux anteriores a v2.6.36 no valida correctamente la matriz hmac_ids de un par SCTP, lo cual permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y panic) a través de un valor manipulado en el último elemento de esta matriz. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://marc.info/?l=linux-kernel&m=128596992418814&w=2 http://secunia.com/advisories/42745 http://www.debian.org/security/2010/dsa-2126 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://www.openwall.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

CVE-2010-2962 – kernel: arbitrary kernel memory write via i915 GEM ioctl

https://notcve.org/view.php?id=CVE-2010-2962

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations. drivers/gpu/drm/i915/i915_gem.c en el Graphics Execution Manager (GEM) en el controlador Intel i915 en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux anterior a v2.6.36 no valida correctamente los punteros a los bloques de la memoria, lo cual permite a usuarios locales escribir en ubicaciones de memoria del núcleo a su elección, y por consiguiente obtener privilegios, mediante el uso de la interfaz ioctl manipulada, relacionado con (1) pwrite y (2) operaciones pread. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ce9d419dbecc292cc3e06e8b1d6d123d3fa813a4 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/42745 http://secunia.com/advisories/42758 http:/&#x • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0

CVE-2010-3432 – kernel: sctp: do not reset the packet during sctp_packet_config

https://notcve.org/view.php?id=CVE-2010-3432

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic. La función sctp_packet_config en net/sctp/output.c en el kernel de Linux anterior a v2.6.35.6, realiza un inicialización extraña de la estructura de paquetes de datos, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de una determinada secuencia de tráfico SCTP. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4bdab43323b459900578b200a4b8cf9713ac8fab http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://marc.info/?l=linux-netdev&m=128453869227715&w=3 http://marc.info/?l=oss-security&m=128534569803598&w=2 http://marc.info/?l=oss-security&m=128537701808336&w=2 http://secunia.com/advisories/42400 http://secunia&# • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •