CVSS: 7.5EPSS: 0%CPEs: 70EXPL: 4CVE-2012-0045 – Linux Kernel 3.1.8 - KVM Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-0045
06 Mar 2012 — The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file. La función em_syscall en arch/x86/kvm/emulate.c en la implementación KVM en el kernel de linux anterior a v.3.2.14 no maneja correctamente el opcode 0f05, permitiendo a los clientes usuarios del sistema operativo... • https://www.exploit-db.com/exploits/36545 •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1759
https://notcve.org/view.php?id=CVE-2011-1759
06 Mar 2012 — Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted argument and leveraging a race condition. Desbordamiento de entero en la función sys_oabi_semtimedop en arch/arm/kernel/sys_oabi-compat.c en el Kernel de Linux anterior a v2.6.39 en la plataforma ARM, cuando CONFIG_O... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2011-2182
https://notcve.org/view.php?id=CVE-2011-2182
06 Mar 2012 — The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017. La función ldm_frag_add de fs/partitions/ldm.c del kernel de Linux en versiones anteriores a la 2.6.39.1 no maneja apropiad... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2498
https://notcve.org/view.php?id=CVE-2011-2498
29 Feb 2012 — The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages. El kernel de Linux desde versión v2.3.36 anteriores a v2.6.39, permite a usuarios locales sin privilegios causar una denegación de servicio (consumo de memoria) al activar la creación de páginas PTE. • http://marc.info/?l=oss-security&m=130923704824984&w=2 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2518
https://notcve.org/view.php?id=CVE-2011-2518
29 Feb 2012 — The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name. La función tomoyo_mount_acl de security/tomoyo/mount.c en el kernel de Linux antes de v2.6.39.2 llama a la función kern_path con argumentos tomados directamente de una llamada al sistema de mon... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1CVE-2011-1927
https://notcve.org/view.php?id=CVE-2011-1927
29 Feb 2012 — The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets. La función ip_expire de net/ipv4/ip_fragment.c del kernel de Linux en versiones anteriores a la 2.6.39 no construye apropiadamente paquetes ICMP_TIME_EXCEEDED después de un timeout. Lo que permite a atacantes remotos provocar una denega... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2011-3619
https://notcve.org/view.php?id=CVE-2011-3619
29 Feb 2012 — The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file. La función apparmor_setprocattr en security/apparmor/lsm.c de los kernel Linux anteriores a v3.0 no maneja adecuadamente los parámetros inválidos, permitiendo que usuarios locales provoquen una de... • http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2011-0716 – kernel: deficiency in processing igmp host membership reports in br_multicast
https://notcve.org/view.php?id=CVE-2011-0716
29 Feb 2012 — The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface. La función de br_multicast_add_group en net/bridge/br_multicast.c en versiones del kernel de Linux anteriores a v2.6.38, cuando se usa una determinada configuración de bridge Ethernet, permite a usuarios locales provocar una de... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2011-4097 – kernel: oom_badness() integer overflow
https://notcve.org/view.php?id=CVE-2011-4097
24 Feb 2012 — Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory. Desbordamiento de entero en la función oom_badness en mm/oom_kill.c en el núcleo de Linux anteriores a v3.1.8 en plataformas de 64 bits, que permite a usuarios locales causar una denegación de servicio (consumo de memoria y terminación del proceso) mediante el u... • http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1.8 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0810 – kernel-rt: stack corruption when task gets scheduled out using the debug stack
https://notcve.org/view.php?id=CVE-2012-0810
24 Feb 2012 — The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention. El manejador int3 en el kernel de Linux versiones anteriores a 3.3, se basa en una pila de depuración por CPU, que permite a usuarios locales causar una denegación de servicio (corrupción de pila y pánico) por medio de una aplicación diseñada que desencadena determinada contención d... • https://bugzilla.redhat.com/show_bug.cgi?id=794557 • CWE-400: Uncontrolled Resource Consumption •