CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2011-1768 – kernel: netns vs proto registration ordering
https://notcve.org/view.php?id=CVE-2011-1768
13 Jun 2012 — The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service (OOPS) by sending a packet during module loading. La implementación de túneles ("tunnels") del kernel de Linux en versiones anteriores a la 2.6.34, si la funcionalidad de túneles está configurada como módulo, permite a atacantes remotos provocar una denegación de servicio (OOPS) enviando un paquete durante la carga del módulo. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2011-2211
https://notcve.org/view.php?id=CVE-2011-2211
13 Jun 2012 — The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory. La función osf_wait4 de arch/alpha/kernel/osf_sys.c del kernel de Linux en versiones anteriores a la 2.6.39.4 de la plataforma Alpha utiliza un puntero incorrecto, lo que permite a usuarios locales escalar privilegios escribiendo un valor entero determinado en la memoria del ... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.4 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2390 – kernel: huge pages: memory leak on mmap failure
https://notcve.org/view.php?id=CVE-2012-2390
13 Jun 2012 — Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. Memoria no liberada (memory leak) en mm/hugetlb.c del kernel de Linux en versiones anteriores a la 3.4.2. Permite a usuarios locales provocar una denegación de servicio (consumo de la memoria o caída del sistema) a traves de operaciones mmap MAP_HUGETLB inválidas. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2011-2494 – kernel: taskstats io infoleak
https://notcve.org/view.php?id=CVE-2011-2494
13 Jun 2012 — kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password. kernel/taskstats.c del kernel de Linux en versiones anteriores a la 3.1 permite a usuarios locales obtener información confidencial de estadísticas de I/O enviando comandos taskstats al socket netlink, tal como se ha demostrado descubriendo la longitud de la contraseña de otro usuario. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1a51410abe7d0ee4b1d112780f46df87d3621043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2521 – kernel: perf, x86: fix Intel fixed counters base initialization
https://notcve.org/view.php?id=CVE-2011-2521
24 May 2012 — The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program. La función x86_assign_hw_event de arch/x86/kernel/cpu/perf_event.c en el rendimiento del subsistema de eventos en el kernel de Linux antes de 2.6.39 no calcula correctamente los valores de contador, lo que permite a usuarios locales causar una d... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-2918 – Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service
https://notcve.org/view.php?id=CVE-2011-2918
24 May 2012 — The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application. El subsistema Performance Events en el kernel de Linux antes de v3.1 no trata correctamente los desbordamientos de eventos asociados con eventos PERF_COUNT_SW_CPU_CLOCK, lo que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) a tr... • https://www.exploit-db.com/exploits/17769 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2518 – HP Security Bulletin HPSBGN02970
https://notcve.org/view.php?id=CVE-2011-2518
24 May 2012 — The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name. La función tomoyo_mount_acl de security/tomoyo/mount.c en el kernel de Linux antes de v2.6.39.2 llama a la función kern_path con argumentos tomados directamente de una llamada al sistema de mon... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4080 – kernel: sysctl: restrict write access to dmesg_restrict
https://notcve.org/view.php?id=CVE-2011-4080
24 May 2012 — The sysrq_sysctl_handler function in kernel/sysctl.c in the Linux kernel before 2.6.39 does not require the CAP_SYS_ADMIN capability to modify the dmesg_restrict value, which allows local users to bypass intended access restrictions and read the kernel ring buffer by leveraging root privileges, as demonstrated by a root user in a Linux Containers (aka LXC) environment. La función sysrq_sysctl_handler en kernel/sysctl.c en el kernel de Linux antes de v2.6.39 no requiere la capacidad de CAP_SYS_ADMIN para mod... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-3359 – kernel: b43: allocate receive buffers big enough for max frame len + offset
https://notcve.org/view.php?id=CVE-2011-3359
24 May 2012 — The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame. La función de dma_rx drivers/net/wireless/b43/dma.c en el kernel de Linux antes de 2.6.39 no asigna correctamente los búferes de recepción, lo que permite a atacantes remotos provocar una denegación de servicio (caída del sistema) a través de un marco diseñado. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 1%CPEs: 26EXPL: 0CVE-2011-3188 – kernel: net: improve sequence number generation
https://notcve.org/view.php?id=CVE-2011-3188
24 May 2012 — The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. Las implementaciones de (1) IPv4 y (2) IPv6 en el kernel de Linux antes de v3.1 utiliza una versión modificada de algoritmo MD4 para generar números de secuencia y val... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec •