CVSS: 9.8EPSS: 0%CPEs: 293EXPL: 0CVE-2010-1643 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2010-1643
03 Jun 2010 — mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc3, cuando "strict overcommint" está habilitado no maneja correctamente la exportación del objeto "shmemfs" por "knfsd",... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731572d39fcd3498702eda4600db4c43d51e0b26 •
CVSS: 9.8EPSS: 0%CPEs: 303EXPL: 0CVE-2008-7256 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2008-7256
03 Jun 2010 — mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc8, cuan... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b79cd04fab80be61dcd2732e2423aafde9a4c1c •
CVSS: 7.5EPSS: 11%CPEs: 405EXPL: 5CVE-2010-1173 – Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service
https://notcve.org/view.php?id=CVE-2010-1173
07 May 2010 — The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. La función sctp_process_unk_param en net/sctp/sm_make_chunk.c en el kernel de Linux v2.6.33.3 y anteriores, cuando está activado SCTP, permite a atacantes remotos provocar una denegación de servicio (caída ... • https://www.exploit-db.com/exploits/14594 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 243EXPL: 0CVE-2010-0741 – qemu: Improper handling of erroneous data provided by Linux virtio-net driver
https://notcve.org/view.php?id=CVE-2010-0741
12 Apr 2010 — The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO). La funcion virtio_net_bad_feat... • http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=184bd0484533b725194fa517ddc271ffd74da7c9 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 339EXPL: 0CVE-2010-1083 – kernel: information leak via userspace USB interface
https://notcve.org/view.php?id=CVE-2010-1083
06 Apr 2010 — The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). La función processcompl_compat en drivers/usb/core/devio.c del kernel de linux v2.6.x a la v2.6.32, y posiblemente otras versiones, no limpia el búfer de transferencia antes de regre... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 1%CPEs: 247EXPL: 0CVE-2010-1084 – kernel: bluetooth: potential bad memory access with sysfs files
https://notcve.org/view.php?id=CVE-2010-1084
06 Apr 2010 — Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c. El kernel de Linux desde v2.6.18 hasta v2.6.33, y posiblemente otras versiones, permite a atacantes remotos producir una denegación de servicio (corrupcion de memoria) a tra... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=101545f6fef4a0a3ea8daf0b5b880df2c6a92a69 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 2%CPEs: 252EXPL: 0CVE-2010-1088 – kernel: fix LOOKUP_FOLLOW on automount "symlinks"
https://notcve.org/view.php?id=CVE-2010-1088
06 Apr 2010 — fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. fs/namei.c en Linux kernel desde v2.6.18 hasta v2.6.34, no siempre sigue los enlaces simbólicos de automontado NFS, lo que permite a atacantes producir un impacto desconocido, relacionado con LOOKUP_FOLLOW. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ac278a9c505092dd82077a2446af8f9fc0d9c095 •
CVSS: 9.8EPSS: 3%CPEs: 287EXPL: 2CVE-2010-0437 – Linux Kernel 2.6.x - 'net/ipv6/ip6_output.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2010-0437
24 Mar 2010 — The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. La función ip6_dst_lookup_tail en net/ipv6/ip6_output.c en el kernel de linux anterior a v2.6.27 no maneja adecuadamente bajo determinadas circunstan... • https://www.exploit-db.com/exploits/33635 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 338EXPL: 0CVE-2009-4138 – kernel: firewire: ohci: handle receive packets with a data length of zero
https://notcve.org/view.php?id=CVE-2009-4138
16 Dec 2009 — drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field. drivers/firewire/ohci.c en el kernel de Linux anterior a v2.6.32-git9, cuando se usa el modo packet-per-buffer, permite a usuarios locales provocar una denegación de se... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c0c0cc2d9f4c523fde04bdfe41e4380dec8ee54 • CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 340EXPL: 1CVE-2009-4131 – Linux Kernel 2.6.x - Ext4 'move extents' ioctl Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-4131
13 Dec 2009 — The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions. La implementación ioctl EXT4_IOC_MOVE_EXT (tambien conocido como move extents) en el sistema de ficheros ext4 en el kernel de Linux en versiones anteriores a v2.6.32-git6 permite a usuarios locales sobrescribir ficheros arbitrariamente a través de peticiones manip... • https://www.exploit-db.com/exploits/33395 • CWE-264: Permissions, Privileges, and Access Controls •