CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1573 – kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
https://notcve.org/view.php?id=CVE-2011-1573
02 Feb 2012 — net/sctp/sm_make_chunk.c in the Linux kernel before 2.6.34, when addip_enable and auth_enable are used, does not consider the amount of zero padding during calculation of chunk lengths for (1) INIT and (2) INIT ACK chunks, which allows remote attackers to cause a denial of service (OOPS) via crafted packet data. net/sctp/sm_make_chunk.c del kernel de Linux en versiones anteriores a 2.6.34, si se utiliza addip_enable y auth_enable, no considera la cantidad de "padding" durante el cálculo de la longitud para ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8170c35e738d62e9919ce5b109cf4ed66e95bde • CWE-682: Incorrect Calculation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2525 – kernel: kernel: net_sched: fix qdisc_notify()
https://notcve.org/view.php?id=CVE-2011-2525
02 Feb 2012 — The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. La función qdisc_notify de net/sched/sch_api.c del kernel de Linux en versiones anteriores a la 2.6.35 no previene que la función tc_fill_qdisc haga referencia a estructuras ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3 • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2011-4330 – kernel: hfs: add sanity check for file name length
https://notcve.org/view.php?id=CVE-2011-4330
27 Jan 2012 — Stack-based buffer overflow in the hfs_mac2asc function in fs/hfs/trans.c in the Linux kernel 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via an HFS image with a crafted len field. Un desbordamiento de búfer basado en pila en la función hfs_mac2asc en fs/hfs/trans.c en el kernel de Linux v2.6 permite a usuarios locales provocar una denegación de servicio (mediante caída del sistema) y posiblemente ejecutar código de su elección a través de una imagen HFS c... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=bc5b8a9003132ae44559edd63a1623 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2011-4077 – kernel: xfs: potential buffer overflow in xfs_readlink()
https://notcve.org/view.php?id=CVE-2011-4077
27 Jan 2012 — Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname. Un desbordamiento de búfer en la función xfs_readlink en fs/xfs/xfs_vnodeops.c en XFS en el kernel de Linux v2.6, cuando CONFIG_XFS_DEBUG está desactivado, permite a usuarios locales provocar una... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1478 – kernel: gro: reset dev and skb_iff on skb reuse
https://notcve.org/view.php?id=CVE-2011-1478
23 Oct 2011 — The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN frame. La función napi_reuse_skb de net/core/dev.c en la implementación Generic Receive Offload (GRO) en el kernel de Linux anteriores a v2.6.38 no restablece los valores de algunos miembros de la estructura, lo ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=66c46d741e2e60f0e8b625b80edb0ab820c46d7a • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1076
https://notcve.org/view.php?id=CVE-2011-1076
05 Oct 2011 — net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error data within a DNS resolver key. net/dns_resolver/dns_key.c del kernel de Linux en versiones anteriores a la 2.6.38 permite a servidores DNS remotos provocar una denegación de servicio (resolución de puntero NUL... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1362fa078dae16776cd439791c6605b224ea6171 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1776 – kernel: validate size of EFI GUID partition entries
https://notcve.org/view.php?id=CVE-2011-1776
06 Sep 2011 — The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. La función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2184
https://notcve.org/view.php?id=CVE-2011-2184
06 Sep 2011 — The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function, a different vulnerability than CVE-2010-2960. La función key_replace_session_keyring en security/keys/process_keys.c en el kernel de Linux anterior a v2.6.39.1... • http://alt.swiecki.net/linux_kernel/sys_open-kmem_cache_alloc-2.6.39-rc4.txt • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2011-1771 – kernel: cifs oops when creating file with O_DIRECT set
https://notcve.org/view.php?id=CVE-2011-1771
06 Sep 2011 — The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem. La función cifs_close en fs/cifs/file.c en el kernel de Linux antes de su versión v2.6.39 permite a usuarios locales provocar una denegación de servicio (puntero a NULL y Error) o posiblemente tener un impacto no especificado e... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7797069305d13252fd66cf722aa8f2cbeb3c95cd • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2723 – kernel: gro: only reset frag0 when skb can be pulled
https://notcve.org/view.php?id=CVE-2011-2723
06 Sep 2011 — The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic. La función skb_gro_header_slow en includelinuxnetdevice.h en kernel de Linux anteriores a v2.6.39.4, cuando está activada la opción Generic Receive Offload (GRO), reinicia ciertos campos en situaciones incorrectas, l... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=17dd759c67f21e34f2156abcf415e1f60605a188 • CWE-20: Improper Input Validation •