CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2009-2768
https://notcve.org/view.php?id=CVE-2009-2768
14 Aug 2009 — The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer." La función load_flat_shared_library en el archivo fs/binfmt_flat.c en el subsistema flat en el kernel de Linux anterior a versión 2.6.31-rc6, permite a los usuarios... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3440625d78711bee41a84cf29c3d8c579b522666 • CWE-476: NULL Pointer Dereference CWE-824: Access of Uninitialized Pointer •
CVSS: 7.2EPSS: 0%CPEs: 79EXPL: 1CVE-2009-2767 – Linux Kernel 2.6.x - 'posix-timers.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-2767
14 Aug 2009 — The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference. La función init_posix_timers en kernel/posix-timers.c en el kernel de linux anteriores a v2.6.31-rc6 permite a usuarios locales provocar una denegación de servicio (OOPS) o posiblemente conseguir privilegios a través de una llamada CLOCK_MONOTONI... • https://www.exploit-db.com/exploits/33148 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 10EXPL: 0CVE-2009-2691 – kernel: /proc/$pid/maps visible during initial setuid ELF loading
https://notcve.org/view.php?id=CVE-2009-2691
14 Aug 2009 — The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition. La función mm_for_maps en fs/proc/base.c en el kernel Linux v2.6.30.4 y anteriores permiten a usuarios locales leer (1) mapas y (2) ficheros smaps bajo proc/ a través de vectores relativos a la carga ELF, un proceso setuid, y condición de carrera. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 309EXPL: 1CVE-2009-2407 – kernel: ecryptfs heap overflow in parse_tag_3_packet()
https://notcve.org/view.php?id=CVE-2009-2407
31 Jul 2009 — Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. Desbordamiento de búfer basado en memoria dinámica en la función parse_tag_3_packet en fs/ecryptfs/keystore.c en el subsistema eCryptfs del kernel de Linux anteriores ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f151cd2c54ddc7714e2f740681350476cda03a28 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 414EXPL: 1CVE-2009-2406 – kernel: ecryptfs stack overflow in parse_tag_11_packet()
https://notcve.org/view.php?id=CVE-2009-2406
31 Jul 2009 — Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. Desbordamiento de búfer basado en pila en la función parse_tag_11_packet en fs/ecryptfs/keystore.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6352a29305373ae6196491e6d4669f301e26492e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2009-2584
https://notcve.org/view.php?id=CVE-2009-2584
23 Jul 2009 — Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow. Error de superación de límite (Off-by-one) en la función drivers/misc/sgi-gru/gruprocfs.c en el controlador SGI GRU en el kernel de Linux v2.6.30.2 y anteriores en plataformas ia64... • http://grsecurity.net/~spender/exploit_demo.c • CWE-189: Numeric Errors •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2009-1895 – kernel: personality: fix PER_CLEAR_ON_SETID
https://notcve.org/view.php?id=CVE-2009-1895
16 Jul 2009 — The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). El subsistema de personalidad en el Linux kernel anterior a v2.6.31-r... • http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html • CWE-16: Configuration •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2009-2287
https://notcve.org/view.php?id=CVE-2009-2287
01 Jul 2009 — The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function. La funciónkvm_arch_vcpu_ioctl_set_sregs en el KVM en el Kernel Linux v2.6 anterior a v2.6.30, ejecutado sobre plataformas x86, no valida la "page table root" (raíz d... • http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git%3Ba=blob%3Bf=queue-2.6.30/kvm-x86-check-for-cr3-validity-in-ioctl_set_sregs.patch%3Bh=b48a47dad2cf76358b327368f80c0805e6370c68%3Bhb=e7c45b24f298b5d9efd7d401150f64a1b51aaac4 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 14%CPEs: 412EXPL: 1CVE-2009-1389 – kernel: r8169: fix crash when large packets are received
https://notcve.org/view.php?id=CVE-2009-1389
16 Jun 2009 — Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. Desbordamiento de memoria en el driver RTL8169 NIC (drivers/net/r8169.c) en el kernel de Linux anteriores a v2.6.30 permite a atacantes remotos producir una denegación de servicio (consumo de memoria del kernel y caída) a través de un paquete largo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=fdd7b4c3302c93f6833e338903ea77245eb510b4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 0%CPEs: 15EXPL: 5CVE-2009-1961 – Linux Kernel 2.6.x - 'splice' Double Lock Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-1961
06 Jun 2009 — The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. El código de doble bloqueo del inodo de fs/ocfs2/file.c del kernel de Linux v2.... • https://www.exploit-db.com/exploits/33015 • CWE-667: Improper Locking •