Page 2 of 87 results (0.026 seconds)

CVSS: 2.1EPSS: 0%CPEs: 16EXPL: 0

CVE-2010-3296 – kernel: drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory

https://notcve.org/view.php?id=CVE-2010-3296

The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call. La función cxgb_extension_ioctl en drivers/net/cxgb3/cxgb3_main.c en el kernel Linux anterior a la versión 2.6.36-rc5, no inicia adecuadamente un miembro de cierta estructura, lo que permite a usuarios locales obtener información potencialmente sensible de la pila de memoria del kernel mediante una llamada ioctl CHELSIO_GET_QSET_NUM. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lkml.org/lkml/2010/9/11/170 http://secunia.com/advisories/41440 http://secunia.com/advisories/42758 http://secunia.com/advisories/42884 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0

CVE-2010-2942 – kernel: net sched: fix some kernel memory leaks

https://notcve.org/view.php?id=CVE-2010-2942

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. La implementación de acciones en la funcionalidad de encolado de red en el kernel Linx anterior a v2.6.36-rc2 no inicializa apropiadamente ciertos miembros de estructura cuando se realizan acciones de volcado, lo que permite a usuarios locales obtener información potencialmente sensible de la memoria del kernel a través de vectores relacionados con (1) la funcion tcf_gact_dump en net/sched/act_gact.c, (2) la funcion tcf_mirred_dump en net/sched/act_mirred.c, (3) la funcion tcf_nat_dump en net/sched/act_nat.c, (4) la funcion tcf_simp_dump en net/sched/act_simple.c, y (5) la funcion tcf_skbedit_dump en net/sched/act_skbedit.c. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://patchwork.oz • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2010-3078 – kernel: xfs: XFS_IOC_FSGETXATTR ioctl memory leak

https://notcve.org/view.php?id=CVE-2010-3078

The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. La función xfs_ioc_fsgetxattr en fs/xfs/linux-2.6/xfs_ioctl.c del kernel Linux anterior a v2.6.36-rc4 no inicializa apropiadamente ciertos miembros de estructura, lo que permite a usuarios locales obtener información potencialmente sensible de la pila de memoria del kernel a través de una llamada ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a122eb2fdfd78b58c6dd992d6f4b1aaef667eef9 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/41284 http://secunia.com/advisories/41512 http://secunia • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 0

CVE-2010-3080 – kernel: /dev/sequencer open failure is not handled correctly

https://notcve.org/view.php?id=CVE-2010-3080

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. Vulnerabilidad de doble liberación en la función snd_seq_oss_open de sound/core/seq/oss/seq_oss_init.c en el kernel Linux anterior a v6.36-rc4 podría permitir a usuarios locales causar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de de un intento fallido de abrir el dispositivo /dev/sequencer • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=27f7ad53829f79e799a253285318bff79ece15bd http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://secunia.com/advisories/42890 http://ww • CWE-415: Double Free •

CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0

CVE-2010-2955 – kernel: wireless: fix 64K kernel heap content leak via ioctl

https://notcve.org/view.php?id=CVE-2010-2955

The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-rc3-next-20100831 does not properly initialize certain structure members, which allows local users to leverage an off-by-one error in the ioctl_standard_iw_point function in net/wireless/wext-core.c, and obtain potentially sensitive information from kernel heap memory, via vectors involving an SIOCGIWESSID ioctl call that specifies a large buffer size. La función cfg80211_wext_giwessid en net/wireless/wext-compat.c en el kernel de Linux anterior a v2.6.36-rc3-next-20100831 no inicializa adecuadamente determinadas estructuras de miembros, lo que permite a usuarios locales aprovechar un error off-by-one en la función net/wireless/wext-core.c y obtener información potencialmente sensible desde la memoria dinámica (heap) del kernel, a través de vectores que involucran una llamada SIOCGIWESSID ioctl que especifica un gran tamaño de búfer. • http://forums.grsecurity.net/viewtopic.php?f=3&t=2290 http://git.kernel.org/?p=linux/kernel/git/linville/wireless-2.6.git%3Ba=commit%3Bh=42da2f948d949efd0111309f5827bf0298bcc9a4 http://grsecurity.net/~spender/wireless-infoleak-fix2.patch http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://lkml.org/lkml/2010/8/27/413 http://lkml.org/lkml/2010/8/30/127 http://lkml.org/lkml • CWE-193: Off-by-one Error •