CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-2022 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://notcve.org/view.php?id=CVE-2011-2022
09 May 2011 — The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745. La función agp_generic_remove_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 no valida un parámetro de inicio determinado, lo que perm... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1745 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://notcve.org/view.php?id=CVE-2011-1745
09 May 2011 — Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. Desbordamiento de enteros en la función agp_generic_insert_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 permite a usuarios locales conseguir privilegios o causar una denegación de servicio ( fallo del sistema ) ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1013 – kernel: drm_modeset_ctl signedness issue
https://notcve.org/view.php?id=CVE-2011-1013
09 May 2011 — Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument. Error de enteros sin signo en F... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2011-1593 – kernel: proc: signedness issue in next_pidmap()
https://notcve.org/view.php?id=CVE-2011-1593
03 May 2011 — Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call. Múltiples desbordamientos de entero en la función next_pidmap en kernel/pid.c en el kernel de Linux antes de v2.6.38.4 permiten a usuarios locales causar una denegación de servicio (por caída del sistema) a través de una llamada al sistema (1) getdents o (2) readdir. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c78193e9c7bcbf25b8237ad0dec82f805c4ea69b • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 666EXPL: 0CVE-2011-1577 – kernel: corrupted GUID partition tables can cause kernel oops
https://notcve.org/view.php?id=CVE-2011-1577
03 May 2011 — Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. Desbordamiento de búfer basado en memoria dinámica en la función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.6.38 y anteriores, permite a atacantes físicamente próximos causar una den... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1169
https://notcve.org/view.php?id=CVE-2011-1169
03 May 2011 — Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain privileges via a crafted adapter index value that triggers access to an invalid kernel pointer. Error de índice de array en la función asihpi_hpi_ioctl de sound/pci/asihpi/hpioctl.c del controlador AudioScience HPI del kernel de Linux en versiones anteriores a 2.6.38.1. Pue... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=4a122c10fbfe9020df469f0f669da129c5757671 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 666EXPL: 0CVE-2011-1495 – kernel: drivers/scsi/mpt2sas: prevent heap overflows
https://notcve.org/view.php?id=CVE-2011-1495
03 May 2011 — drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores no valida (1) la long... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 666EXPL: 0CVE-2011-1494 – kernel: drivers/scsi/mpt2sas: prevent heap overflows
https://notcve.org/view.php?id=CVE-2011-1494
03 May 2011 — Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow. Desbordamiento de entero en la función _ctl_do_mpt_command en drivers/scsi/mpt2sas/mpt2sas_ctl.c en el kernel de Linux v2.6.38 y anteriores puede permitir a usuarios locales ganar privilegios o causar ... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2011-0463
https://notcve.org/view.php?id=CVE-2011-0463
10 Apr 2011 — The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 (OCFS2) subsystem in the Linux kernel before 2.6.39-rc1 does not properly handle holes that cross page boundaries, which allows local users to obtain potentially sensitive information from uninitialized disk locations by reading a file. La función ocfs2_prepare_page_for_write en fs/ocfs2/aops.c en el subsistema Oracle Cluster File System 2 (OCFS2) en el Kernel de Linux anterior a v2.6.39-rc1 no maneja correctame... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=272b62c1f0f6f742046e45b50b6fec98860208a0 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2011-1163 – kernel: fs/partitions: Corrupted OSF partition table infoleak
https://notcve.org/view.php?id=CVE-2011-1163
10 Apr 2011 — The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing. La función ofs/partitions/osf.c en el kernel de linux anterior a v2.6.38 no maneja correctamente un número inválido de particiones, lo que permite a usuarios locales obtner información sensible del heap mediante vectores rel... • http://downloads.avaya.com/css/P8/documents/100145416 • CWE-20: Improper Input Validation •