CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-3876 – kernel: net/packet/af_packet.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-3876
03 Jan 2011 — net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. net/packet/af_packet.c en el kernel de Linux anterior a v2.6.37-rc2 no inicializa correctamente ciertos miembros de la estructura, que permite a usuarios locales obtener información sensible de la pila del núcleo de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67286640f638f5ad41a946b9a3dc75327950248f • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2010-4163 – kernel: panic when submitting certain 0-length I/O requests
https://notcve.org/view.php?id=CVE-2010-4163
03 Jan 2011 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. La función blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux anterior a v2.6.36.2 permite a usuarios locales causar una denegación de servicio (panic) a través de una solicitud de E/S de longitud cero en un dispositivo ioctl a un dispositivo SCSI. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9284bcf4e335e5f18a8bc7b26461c33ab60d0689 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3849 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3849
30 Dec 2010 — The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a NULL value for the remote address field. La función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando se configura una dirección econet, permite a usuarios locales causar una denegación de servicio (desreferencia a punt... • https://www.exploit-db.com/exploits/15704 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 1CVE-2010-4258 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-4258
30 Dec 2010 — The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call. La función do_exit en kernel/exit.c en el kernel de Linux anteriores a v2.6.36.2 no ges... • https://www.exploit-db.com/exploits/15704 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 3CVE-2010-4158 – Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure
https://notcve.org/view.php?id=CVE-2010-4158
30 Dec 2010 — The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. La función sk_run_filter en net/core/filter.c en el kernel de Linux anteriores a v2.6.36.2 no comprueba si una posición de memoria determinada se ha inicializado ant... • https://www.exploit-db.com/exploits/34987 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 2CVE-2010-3850 – Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3850
30 Dec 2010 — The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. La función ec_dev_ioctl en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2 no requiere la capacidad CAP_NET_ADMIN, que permite a usuarios locales evitar las restricciones de acceso y configurar las direcciones econet a través de un... • https://www.exploit-db.com/exploits/15704 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 4CVE-2010-4342
https://notcve.org/view.php?id=CVE-2010-4342
30 Dec 2010 — The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP. La función aun_incoming en net/econet/af_econet.c en el kernel de Linux anterior a v2.6.37-rc6, cuando Econet está activado, permite a atacantes remotos provocar una denegación de servicio (desreferencia a un puntero NULL y OOPS) mediante el en... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 1CVE-2010-3848 – Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-3848
30 Dec 2010 — Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. Desbordamiento de búfer basado en pila en la función econet_sendmsg en net/econet/af_econet.c en el kernel de Linux anteriores a v2.6.36.2, cuando hay configurada una dirección econet, permite a usuarios locales conseguir privilegios, proporcionando un gran número ... • https://www.exploit-db.com/exploits/17787 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4343 – kernel: bfa driver sysfs crash
https://notcve.org/view.php?id=CVE-2010-4343
29 Dec 2010 — drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. drivers/scsi/AMB/bfa_core.c en el kernel de Linux anterior a v2.6.35 no inicializa una estructura de datos en un determinado puerto, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de las operaciones de lectura en un fichero de es... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7873ca4e4401f0ecd8868bf1543113467e6bae61 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-3859 – kernel: tipc: heap overflow in tipc_msg_build()
https://notcve.org/view.php?id=CVE-2010-3859
29 Dec 2010 — Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c. Múltiples errores de signo de entero en la implementación de TIPC en el kernel de Linux anteriores a v2.6.36.2 permite a usuarios locales conseguir privilegios a través de una llamada manipulada sen... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0 • CWE-787: Out-of-bounds Write •