Page 14 of 82 results (0.043 seconds)

CVSS: 4.9EPSS: 0%CPEs: 118EXPL: 0

CVE-2008-5395

https://notcve.org/view.php?id=CVE-2008-5395

The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. La función parisc_show_stack de arch/parisc/kernel/traps.c en el kernel de Linux anterior a v2.6.28-rc7 en PA-RISC; permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de vectores asociados con un intento de retirar de una pila que contiene direcciones de espacio de usuario. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=7a3f5134a8f5bd7fa38b5645eef05e8a4eb62951 http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc7 http://marc.info/?l=linux-parisc&m=121736357203624&w=2 http://secunia.com/advisories/32933 http://secunia.com/advisories/33756 http://secunia.com/advisories/34981 http://secunia.com/advisories/35011 http://www.debian.org/security/2009/dsa-1787 http://www.debian.org/security/2009& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 110EXPL: 1

CVE-2008-5079 – Linux Kernel 2.6.27.8 - ATMSVC Local Denial of Service

https://notcve.org/view.php?id=CVE-2008-5079

net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. net/atm/svc.c en el subsistema ATM del kernel de Linux v2.6.27.8 y anteriores; permite a usuarios locales provocar una denegación de servicio (bucle infinito del kernel) creando dos llamadas a svc_listen al mismo socket y luego leyendo el fichero /proc/net/atm/*vc que está relacionado con la corrupción de la tabla vcc. • https://www.exploit-db.com/exploits/7405 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html http://marc.info/?l=linux-netdev&m=122841256115780&w=2 http://secunia.com/advisories/32913 http://secunia.com/advisories/33083 http://secunia.com/advisories/33348 http://secunia.com/advisories/33623 http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 285EXPL: 0

CVE-2008-5182 – kernel: fix inotify watch removal/umount races

https://notcve.org/view.php?id=CVE-2008-5182

The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount. La funcionalidad inotify en el kernel de Linux v2.6 anteriores a 2.6.28-rc5 que podría permitir a usuarios locales ganar privilegios a través de vectores desconocidos relacionados con las condiciones de carrera en el reloj de eliminación y desmontado. • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.28-rc5 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://secunia.com/advisories/32998 http://secunia.com/advisories/33083 http://secunia.com/advisories/33348 http://secunia.com/advisories/33623 http://secunia.com/advisories/33641 http://secunia.com/advisories/33704 http://secunia.com/advisories/33706 http:/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •

CVSS: 10.0EPSS: 8%CPEs: 260EXPL: 0

CVE-2008-5134 – kernel: libertas: fix buffer overrun

https://notcve.org/view.php?id=CVE-2008-5134

Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." Desbordamiento de búfer en la función lbs_process_bss en drivers/net/wireless/libertas/scan.c en el subsistema libertas en versiones anteriores a 2.6.27.5 del kernel de linux, permite a los atacantes remotos tener un impacto desconocido a través de un "respuesta inválida de balizamiento/prueba." • http://article.gmane.org/gmane.linux.kernel.wireless.general/23049 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=48735d8d8bd701b1e0cd3d49c21e5e385ddcb077 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://openwall.com/lists/oss-security/2008/11/11/2 http://secunia.com/advisories/32998 http://secunia.com/advisories/33641 http://secunia.com/advisories/33706 http://secunia.com/advisories/33854 http://www.debian.org/s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0

CVE-2008-5025 – kernel: hfs: fix namelength memory corruption

https://notcve.org/view.php?id=CVE-2008-5025

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. Desbordamiento de búfer basado en pila en la función hfs_cat_find_brec en fs/hfs/catalog.c en versiones del kernel de Linux anteriores a la 2.6.28-RC1 permite a atacantes provocar una denegación de servicio (corrupción de memoria o caida del sistema) a través de una imagen de un sistema de ficheros HFS con un campo "longitud del catálogo" inválido. Esta vulnerabilidad esta relacionada con la CVE-2008-4933. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=d38b7aa7fc3371b52d036748028db50b585ade2e http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00010.html http://openwall.com/lists/oss-security/2008/11/10/1 http://openwall.com/lists/oss-security/2008/11/10/3 http://openwall.com/lists/oss-security/2008/11/10/6 http://openwall.com/lists/oss-security/2008/11/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •