CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2010-3865 – kernel: iovec integer overflow in net/rds/rdma.c
https://notcve.org/view.php?id=CVE-2010-3865
11 Jan 2011 — Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request, which triggers a buffer overflow. Desbordamiento de enteros en la función rds_rdma_pages en net/rds/rdma.c en el núcleo de Linux permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de una e... • http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 2CVE-2010-4160 – kernel: L2TP send buffer allocation size overflows
https://notcve.org/view.php?id=CVE-2010-4160
07 Jan 2011 — Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption and panic) or possibly gain privileges via a crafted sendto call. Múltiples desbordamientos de entero en las funciones (1) pppol2tp_sendmsg de net/l2tp/l2tp_ppp.c, y (2) l2tp_ip_sendmsg de net/l2tp/l2tp_ip.c, en l... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2010-4163 – kernel: panic when submitting certain 0-length I/O requests
https://notcve.org/view.php?id=CVE-2010-4163
03 Jan 2011 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device. La función blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux anterior a v2.6.36.2 permite a usuarios locales causar una denegación de servicio (panic) a través de una solicitud de E/S de longitud cero en un dispositivo ioctl a un dispositivo SCSI. Dan Rosenberg discovered that multiple term... • https://packetstorm.news/files/id/105078 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2010-4668 – kernel: panic when submitting certain 0-length I/O requests
https://notcve.org/view.php?id=CVE-2010-4668
03 Jan 2011 — The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163. La función blk_rq_map_user_iov en block/blk-map.c en el kernel Linux anterior a 2.6.37-rc7 permite a usuarios locales causar una denegación de servicio (panic) a través de una petición I/O de... • https://packetstorm.news/files/id/105078 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2010-4162 – kernel: bio: integer overflow page count when mapping/copying user data
https://notcve.org/view.php?id=CVE-2010-4162
03 Jan 2011 — Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. Múltiples desbordamientos de entero en fs/bio.c en el kernel de Linux anterior a v2.6.36.2 permite a usuarios locales causar una denegación de servicio (fallo del sistema) a través de un dispositivo ioctl manipulado a un dispositivo SCSI. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structu... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 4CVE-2010-4342 – Debian Security Advisory 2153-1
https://notcve.org/view.php?id=CVE-2010-4342
30 Dec 2010 — The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econet is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP. La función aun_incoming en net/econet/af_econet.c en el kernel de Linux anterior a v2.6.37-rc6, cuando Econet está activado, permite a atacantes remotos provocar una denegación de servicio (desreferencia a un puntero NULL y OOPS) mediante el en... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4e085e76cbe558b79b54cbab772f61185879bc64 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 3CVE-2010-4158 – Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure
https://notcve.org/view.php?id=CVE-2010-4158
30 Dec 2010 — The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. La función sk_run_filter en net/core/filter.c en el kernel de Linux anteriores a v2.6.36.2 no comprueba si una posición de memoria determinada se ha inicializado ant... • https://www.exploit-db.com/exploits/34987 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4343 – kernel: bfa driver sysfs crash
https://notcve.org/view.php?id=CVE-2010-4343
29 Dec 2010 — drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. drivers/scsi/AMB/bfa_core.c en el kernel de Linux anterior a v2.6.35 no inicializa una estructura de datos en un determinado puerto, lo que permite a usuarios locales causar una denegación de servicio (caída del sistema) a través de las operaciones de lectura en un fichero de es... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7873ca4e4401f0ecd8868bf1543113467e6bae61 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2010-4565 – kernel: CAN info leak
https://notcve.org/view.php?id=CVE-2010-4565
29 Dec 2010 — The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. La función bcm_connect en net/can/bcm.c (también conocido como el Broadcast Manager) en la implementación del Controller Area Network en el kerne... • https://packetstorm.news/files/id/105078 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2010-3881 – kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-3881
23 Dec 2010 — arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device. arch/x86/kvm/x86.c en el kernel de Linux v2.6.36.2 no inicializa ciertos miembros de estructura, lo que permite a usuarios locales obtener información potencialmente sensible del la pila de la pila de memoria del kernel a través de operaciones de lectura en el dispositivo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •