CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1162 – kernel: tpm: infoleak
https://notcve.org/view.php?id=CVE-2011-1162
27 Jan 2012 — The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command. La función tpm_read en el kernel de Linux v2.6 no limpia adecuadamante la memoria, lo que podría permitir leer los resultados de los comandos TPM anteriores a usuarios locales. • http://www.securityfocus.com/bid/50764 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4110 – kernel: keys: NULL pointer deref in the user-defined key type
https://notcve.org/view.php?id=CVE-2011-4110
27 Jan 2012 — The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key." La función user_update security/keys/user_defined.c en el kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (desreferencia de puntero a NULL y fallo del kernel) a través de vectores relacionados con una ... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 • CWE-264: Permissions, Privileges, and Access Controls CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 314EXPL: 0CVE-2011-4325 – kernel: nfs: diotest4 from LTP crash client null pointer deref
https://notcve.org/view.php?id=CVE-2011-4325
27 Jan 2012 — The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP. La implementación de NFS en el kernel de Linux antes de v2.6.31-rc6 llama a ciertas funciones sin inicializar adecuadamente ciertos datos, lo que permite a usuarios locales provocar una denegación de servicio (desrefenrencia de puntero NULL y oop... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=1ae88b2e4 • CWE-476: NULL Pointer Dereference •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4077 – kernel: xfs: potential buffer overflow in xfs_readlink()
https://notcve.org/view.php?id=CVE-2011-4077
27 Jan 2012 — Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. Un desbordamiento de búfer en la función xfs_readlink en fs/xfs/xfs_vnodeops.c en XFS en el kernel de Linux v2.6, cuando CONFIG_XFS_DEBUG está desactivado, permite a usuarios locales provocar una... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4132 – kernel: jbd/jbd2: invalid value of first log block leads to oops
https://notcve.org/view.php?id=CVE-2011-4132
27 Jan 2012 — The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value." La función cleanup_journal_tail en la funcionalidad JBD (Journaling Block Device) del kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (error de aserción y fallo del kernel) a través de una imagen ext3 o ext4 con un "va... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=8762202dd0d6e46854f786bdb6fb3780a1625efe • CWE-20: Improper Input Validation •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1478 – kernel: gro: reset dev and skb_iff on skb reuse
https://notcve.org/view.php?id=CVE-2011-1478
23 Oct 2011 — The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. La función napi_reuse_skb de net/core/dev.c en la implementación Generic Receive Offload (GRO) en el kernel de Linux anteriores a v2.6.38 no restablece los valores de algunos miembros de la estructura, lo ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 5CVE-2011-2189 – Linux Kernel 2.6.35 - Network Namespace Remote Denial of Service
https://notcve.org/view.php?id=CVE-2011-2189
10 Oct 2011 — net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. net / core / net_namespace.c en el kernel de Linux v2.6.32 y anteriores no maneja adecuadamente una alta tasa de creación y limpieza de los espacios de nombres de red, ... • https://www.exploit-db.com/exploits/36425 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1076
https://notcve.org/view.php?id=CVE-2011-1076
05 Oct 2011 — net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error data within a DNS resolver key. net/dns_resolver/dns_key.c del kernel de Linux en versiones anteriores a la 2.6.38 permite a servidores DNS remotos provocar una denegación de servicio (resolución de puntero NUL... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1362fa078dae16776cd439791c6605b224ea6171 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1776 – kernel: validate size of EFI GUID partition entries
https://notcve.org/view.php?id=CVE-2011-1776
06 Sep 2011 — The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. La función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2184
https://notcve.org/view.php?id=CVE-2011-2184
06 Sep 2011 — The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1... • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt • CWE-476: NULL Pointer Dereference •