CVSS: 2.1EPSS: 0%CPEs: 316EXPL: 1CVE-2009-0028 – Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation
https://notcve.org/view.php?id=CVE-2009-0028
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. La llamada al sistema clone en el kernel de Linux v2.6.28 y anteriores, permite a usuarios locales enviar señales arbitrarias a un proceso padre desde un proceso hijo sin privilegios mediante el envío de un proceso hijo adicional con la bandera CLONE_PARENT, y entonces dejando que este nuevo proceso salga. • https://www.exploit-db.com/exploits/32815 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://osvdb.org/52204 http://rhn.redhat.com/errata/RHSA-2009-0459.html http://scary.beasts.org/security/CESA-2009-002.html http://scarybeastsecurity.blogspot.com/2009/02/linux-kernel-minor-signal-vulnerability.html http://s • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 322EXPL: 0CVE-2009-0675 – kernel: skfp_ioctl inverted logic flaw
https://notcve.org/view.php?id=CVE-2009-0675
The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue. La funcion skfp_ioctl en drivers/net/skfp/skfddi.c en el kernel de Linux anterior a v2.6.28.6 permite peticiones SKFP_CLR_STATS solo cuando la capacidad CAP_NET_ADMIN esta ausente, en cambio cuando esta capacidad esta presente, lo que permite a usuarios locales borrar las estadísticas de driver, relacionado con el hecho "lógica inversa". • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c25b9abbc2c2c0da88e180c3933d6e773245815a http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://lists.openwall.net/netdev/2009/01/28/90 http://openwall.com/lists/oss-security/2009/02/20/2 http://secunia.com/advisories/33758 http://secunia.com/advisories/33938 http://secunia.com/advisories/34394 http://secunia.com/advisories/34502 http://secunia.com/advisories/34680 http:/ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 325EXPL: 1CVE-2009-0676 – Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure
https://notcve.org/view.php?id=CVE-2009-0676
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. La función sock_getsockopt en net/core/sock.c en el kernel de Linux anterior a v2.6.28.6 no inicializa un miembro de cierta estructura, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de una petición SO_BSDCOMPAT getsockopt. • https://www.exploit-db.com/exploits/32805 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=df0bca049d01c0ee94afb7cd5dfd959541e6c8da http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://lkml.org/lkml/2009/2/12/123 http://marc.info/?l=linux-kernel&m=123540732700371&w=2 http://o • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 323EXPL: 0CVE-2009-0605
https://notcve.org/view.php?id=CVE-2009-0605
Stack consumption vulnerability in the do_page_fault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered Kprobes probe. Vulnerabilidad de agotamiento de pila en la función do_page_fault en arch/x86/mm/fault.c en el kernel de Linux anterior a v2.6.28.5 permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente obtener privilegios a través de vectores no especificados que lanza fallos de página en la máquina que ha registrado una prueba Kprobes. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=9be260a646bf76fa418ee519afa10196b3164681 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28.5 http://www.securityfocus.com/bid/33758 http://www.ubuntu.com/usn/usn-751-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 111EXPL: 0CVE-2009-0031 – kernel: local denial of service in keyctl_join_session_keyring
https://notcve.org/view.php?id=CVE-2009-0031
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." Fuga de memoria en la función keyctl_join_session_keyring (security/keys/keyctl.c) en el kernel de Linux 2.6.29-rc2 y anteriores permite a usuarios locales provocar una denegación de servicio(agotamiento de memoria del núcleo) a través de vectores desconocidos relacionados con "kfree perdido." • http://git2.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0d54ee1c7850a954026deec4cd4885f331da35cc http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://osvdb.org/51501 http://rhn.redhat.com/errata/RHSA-2009-0264.html http://secunia.com/advisories/33858 http://secunia.com/advisories/34252 http://secunia.com/advisories/34394 http://secunia.com/advisories/34502 http://secunia.com/advisories/34762 http://secunia.com/advisories/34981 http • CWE-399: Resource Management Errors •