CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2213 – kernel: inet_diag: insufficient validation
https://notcve.org/view.php?id=CVE-2011-2213
29 Aug 2011 — The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. La función net_diag_bc_audit en net/ipv4/inet_diag.c en el Kernel de Linux anterior a v2.6.39.3 no audita ade... • http://article.gmane.org/gmane.linux.network/197206 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2497 – kernel: bluetooth: buffer overflow in l2cap config request
https://notcve.org/view.php?id=CVE-2011-2497
29 Aug 2011 — Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical Link Control and Adaptation Protocol (L2CAP) configuration request, leading to a buffer overflow. Desbordamiento de enteros en la función l2cap_config_req en net/bluetooth/l2cap_core.c en el Kernel de Linux ant... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ac28817536797fd40e9646452183606f9e17f71 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 5CVE-2011-2928
https://notcve.org/view.php?id=CVE-2011-2928
29 Aug 2011 — The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem. La función befs_follow_link en fs/befs/linuxvfs.c en el Kernel de Linux anterior a v 3.1-rc3 no valida el atributo longitud de enlaces simbólicos, lo que permite a usuarios locales provocar una denegación de servici... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=338d0f0a6fbc82407864606f5b64b75aeb3c70f2 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2011-2695 – kernel: ext4: kernel panic when writing data to the last block of sparse file
https://notcve.org/view.php?id=CVE-2011-2695
28 Jul 2011 — Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsigned integer. Múltiples errores off-by-one en el subsistema de ext4 en el kernel de Linux antes de v3.0-rc5, permite a usuarios locales provocar una denegación de servicio (BUG_ON y caída del sistema) por acceder a... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f17722f917b2f21497deb6edc62fb1683daa08e6 • CWE-193: Off-by-one Error •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2011-2492 – kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
https://notcve.org/view.php?id=CVE-2011-2492
28 Jul 2011 — The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. El subsistema de bluetooth en el kernel de Linux anteriores a v3.0-rc4 no inicializa correctamente algunas es... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8d03e971cf403305217b8e62db3a2e5ad2d6263f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2689 – kernel: gfs2: make sure fallocate bytes is a multiple of blksize
https://notcve.org/view.php?id=CVE-2011-2689
28 Jul 2011 — The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. La función gfs2_fallocate en fs/gfs2/file.c en el kernel de Linux anterior a v3.0-rc1 no garantiza que el tamaño de un trozo de asignación sea un múltiplo del tamaño de bloque, lo que permite a usuario... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6905d9e4dda6112f007e9090bca80507da158e63 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2011-1093 – kernel: dccp: fix oops on Reset after close
https://notcve.org/view.php?id=CVE-2011-1093
18 Jul 2011 — The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. Función dccp_rcv_state_process en net/dccp/input.c en la implementación de Datagram Congestion Control Protocol(DCCP)en el kernel de linux an... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 674EXPL: 0CVE-2011-0726 – kernel: proc: protect mm start_code/end_code in /proc/pid/stat
https://notcve.org/view.php?id=CVE-2011-0726
18 Jul 2011 — The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary. Función do_task_stat en fs/proc/array.c en el kernel de linux antes de v2.6.39-rc1 no realiza una comprobación de uid esperado, lo que hace que sea más fácil para los usuarios locales derrotar a los... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2010-4655 – kernel: heap contents leak for CAP_NET_ADMIN via ethtool ioctl
https://notcve.org/view.php?id=CVE-2010-4655
18 Jul 2011 — net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. net/core/ethtool.c en el kernel de Linux anterior a 2.6.36 no inicializa ciertas estructuras de datos, lo que permite a usuarios locales obtener información potencialmente sensible de la memoria dinámica del kernel elevando la capacidad CAP_NET_ADMIN ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b00916b189d13a615ff05c9242201135992fcda3 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4656 – kernel: iowarrior usb device heap overflow
https://notcve.org/view.php?id=CVE-2010-4656
18 Jul 2011 — The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report. La función iowarrior_write en drivers/usb/misc/iowarrior.c en el kernel Linux anterior a v2.6.37 no asigna memoria adecuadamente, lo que permite a usuarios locales desencadenar un desbordamiento de búfer basado en memoria dinámic... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3ed780117dbe5acb64280d218f0347f238dafed0 • CWE-787: Out-of-bounds Write •