CVE-2009-0031 – kernel: local denial of service in keyctl_join_session_keyring
https://notcve.org/view.php?id=CVE-2009-0031
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." Fuga de memoria en la función keyctl_join_session_keyring (security/keys/keyctl.c) en el kernel de Linux 2.6.29-rc2 y anteriores permite a usuarios locales provocar una denegación de servicio(agotamiento de memoria del núcleo) a través de vectores desconocidos relacionados con "kfree perdido." • http://git2.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0d54ee1c7850a954026deec4cd4885f331da35cc http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://osvdb.org/51501 http://rhn.redhat.com/errata/RHSA-2009-0264.html http://secunia.com/advisories/33858 http://secunia.com/advisories/34252 http://secunia.com/advisories/34394 http://secunia.com/advisories/34502 http://secunia.com/advisories/34762 http://secunia.com/advisories/34981 http • CWE-399: Resource Management Errors •
CVE-2008-4307 – Kernel BUG() in locks_remove_flock
https://notcve.org/view.php?id=CVE-2008-4307
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case. Condición de carrera en la función do_setlk en fs/nfs/file.c del kernel de Linux versiones anteriores a v2.6.26 permite a usuarios locales provocar una denegación de servicio (caída) mediante vectores resultantes de una petición RPC interrumpida que conduce a una perdida de cierre de FL_POSIX, relacionado con un inapropiado manejo de una carrera entre "fcntl" y "close" en la gestión de la interrupción de sistema "EINTR". • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=c4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc http://openwall.com/lists/oss-security/2009/01/13/1 http://rhn.redhat.com/errata/RHSA-2009-0459.html http://rhn.redhat.com/errata/RHSA-2009-0473.html http://secunia.com/advisories/34917 http://secunia.com/advisories/34962 http://secunia.com/advisories/34981 http://secunia.com/advisories/35011 http://secunia.com/advisories/35015 http://secunia.com • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2009-0065 – Linux Kernel 2.6.20/2.6.24/2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Overflow
https://notcve.org/view.php?id=CVE-2009-0065
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. Desbordamiento de búfer en net/sctp/sm_statefuns.c en la implementación del "Stream Control Transmission Protocol (sctp)" (Protocolo de Tansmisión de Control de Flujo) en el kernel de Linux antes de v2.6.28-git8 permite a atacantes remotos tener un impacto desconocido mediante un fragmento WD-TSN (también conocido como FORWARD-TSN) con un flujo ID grande. • https://www.exploit-db.com/exploits/8556 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9fcb95a105758b81ef0131cd18e2db5149f13e95 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01832118 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html http://patchwork.ozlabs.org/patch/15024 h • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-5700 – kernel: enforce a minimum SG_IO timeout
https://notcve.org/view.php?id=CVE-2008-5700
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program. libata en el kernel de Linux anterior a 2.6.27.9, no establece un tiempo de espera mínimo para solicitudes SG_IO; esto permite a usuarios locales provocar una denegación de servicio (Modo E/S programado en controladores) a través de múltiples invocaciones simultáneas de un programa de test no especificado. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=f2f1fa78a155524b849edf359e42a3001ea652c0 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://openwall.com/lists/oss-security/2008/12/09/2 http://secunia.com/advisories/33706 http://secunia.com/advisories/33756 http://secunia.com/advisories/33758 http://secunia.com/advisories/33854 http://secunia.com/advisories/34252 http://secunia.com/advisories/34762 http://secunia. • CWE-399: Resource Management Errors •
CVE-2008-5702 – kernel: watchdog: ib700wdt.c - buffer_underflow bug
https://notcve.org/view.php?id=CVE-2008-5702
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. Desbordamiento inferior de búfer en la función ibwdt_ioctl de drivers/watchdog/ib700wdt.c en el kernel de Linux anterior a 2.6.28-rc1, puede que permita a usuarios locales tener un impacto desconocido a través de determinada llamada /dev/watchdog WDIOC_SETTIMEOUT IOCTL. • http://bugzilla.kernel.org/show_bug.cgi?id=11399 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=7c2500f17d65092d93345f3996cf82ebca17e9ff http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html http://lkml.org/lkml/2008/10/5/173 http://openwall.com/lists/oss-security/2008/12/10/2 http://openwall.com/lists/oss-security/2008/12/17/20 http://o • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •