CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1080 – kernel: ebtables stack infoleak
https://notcve.org/view.php?id=CVE-2011-1080
21 Jun 2012 — The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line. La función de do_replace en net/bridge/netfilter/ebtables.c en versiones del kernel de Linux anteriores a v2.6.39 no garantiza que un nombre de campo ... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1160 – kernel: tpm infoleaks
https://notcve.org/view.php?id=CVE-2011-1160
21 Jun 2012 — The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors. La función de tpm_open en drivers/char/tpm/tpm.c en el kernel de Linux anteriores a v2.6.39 no se inicializa un búfer concreto, lo que permite a usuarios locales obtener información sensible de la memoria del kernel a través de vectores no especificados. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2011-1021 – Linux Kernel < 2.6.37-rc2 - 'ACPI custom_method' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2011-1021
21 Jun 2012 — drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347. drivers/acpi/debugfs.c en el kernel de Linux antes de v3.0 permite a usuarios locales modificar posiciones de memoria del kernel de su elección aprovechandose de los privilegios de root para escribir en el archivo /sys/kernel/... • https://www.exploit-db.com/exploits/15774 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1079 – kernel: bnep device field missing NULL terminator
https://notcve.org/view.php?id=CVE-2011-1079
21 Jun 2012 — The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command. La función de bnep_sock_ioctl en net/bluetooth/bnep/sock.c en versiones del kernel de Linux anteriores a v2.6.39 no garantiza que un campo de dispositivo determinado termine... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 1CVE-2011-4914
https://notcve.org/view.php?id=CVE-2011-4914
21 Jun 2012 — The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket. La implementación del protocolo ROSE en el kernel de Linux anteriores a v2.6.39 no verifica que algunos valores de la longitud de datos son consistentes con la cantidad de datos env... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1477
https://notcve.org/view.php?id=CVE-2011-1477
21 Jun 2012 — Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer. Múltiples errores de índice de matriz en sound/oss/opl3.c en versiones del kernel de Linux anteriores a v2.6.39 permiten a usuarios locales provocar una denegación de servicio (corrupción de memoria dinámica) o posiblemente obtener privilegios mediante el aprovechamiento del acceso d... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 1CVE-2012-0028 – kernel: futex: clear robust_list on execve
https://notcve.org/view.php?id=CVE-2012-0028
21 Jun 2012 — The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process. La implementación de robust futex en el kernel de Linux antes de v2.6.28 no maneja adecuadamente los procesos que realizan llamadas Exec System Recovery, lo que permite a usuarios locales provocar una denegación de servicio o posiblemente obtener p... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 1CVE-2011-4913
https://notcve.org/view.php?id=CVE-2011-4913
21 Jun 2012 — The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket. La función rose_parse_ccitt en la net/rose/rose_subr.c en el kernel de... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1078 – kernel: bt sco_conninfo infoleak
https://notcve.org/view.php?id=CVE-2011-1078
21 Jun 2012 — The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option. La función sco_sock_getsockopt_old en net/bluetooth/sco.c en el kernel de Linux anteriores a v2.6.39 no inicializa una estructura concreta, lo que permite a usuarios locales obtener información sensible de la de pila memoria del núcleo a través de la opc... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1476
https://notcve.org/view.php?id=CVE-2011-1476
21 Jun 2012 — Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer. Un desbordamiento de entero en el subsistema 'Open Sound System' (OSS) del kernel de Linux en versiones anteriores a v2.6.39 en plataformas no-x86 permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) mediante el aprovechamiento del acceso... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •