CVSS: 10.0EPSS: 15%CPEs: 149EXPL: 0CVE-2010-2521 – kernel: nfsd4: bug in read_buf
https://notcve.org/view.php?id=CVE-2010-2521
07 Sep 2010 — Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions. Múltiples desbordamientos de búfer en fs/nfsd/nfs4xdr.c en la aplicación XDR en el servidor NFS del kernel de Linux antes de v2.6.34-rc6 permiten a atacantes remotos provocar una dene... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2bc3c1179c781b359d4f2f3439cb3df72afc17fc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2226 – kernel: xfs swapext ioctl minor security issue
https://notcve.org/view.php?id=CVE-2010-2226
03 Sep 2010 — The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. La función xfs_swapext en fs/xfs/xfs_dfrag.c en el kernel de Linux kernel anterior v2.6.35 no chequea adecuadamente los descriptores de archivo en SWAPEXT ioctl, lo que permiete a usuarios locales aprovechar el acceso de escritura y obtener acc... • http://archives.free.net.ph/message/20100616.130710.301704aa.en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 24EXPL: 1CVE-2010-2240 – kernel: mm: keep a guard page below a grow-down stack segment
https://notcve.org/view.php?id=CVE-2010-2240
03 Sep 2010 — The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. La función do_anonymous_page en mm/memory.c en el kernel de Linux anterior v2.6.27.52, v2.6.32.x... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-2954
https://notcve.org/view.php?id=CVE-2010-2954
03 Sep 2010 — The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irda_open_tsap function, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via multiple unsuccessful calls to bind on an AF_IRDA (aka PF_IRDA) socket. La función irda_bind en net/irda/af_irda.c en el kernel de Linux anterior v2.6.36-rc3-next-20100901 no maneja adecuadamente los fallos de la... • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=628e300cccaa628d8fb92aa28cb7530a3d5f2257 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 420EXPL: 0CVE-2010-3015 – kernel: integer overflow in ext4_ext_get_blocks()
https://notcve.org/view.php?id=CVE-2010-3015
20 Aug 2010 — Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation. Derbordamiento de entero en la función ext4_ext_get_blocks en fs/ext4/extents.c en el kernel de Linux anterior a v2.6.34 permite a usuarios locales provocar una denegación de servicio (BUG y caída de sistema) a través de una operación de sobreesc... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731eb1a03a8445cde2cb23ecfb3580c6fa7bb690 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2071
https://notcve.org/view.php?id=CVE-2010-2071
16 Jun 2010 — The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl. La función btrfs_xattr_set_acl en fs/btrfs/acl.c en btrfs en el kernel de linux v2.6.34 y anteriores no valida quien es el propietario de un archivo antes de establecer una ACL, lo que permite a usuarios locales evitar los permisos de fichero estable... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=2f26afba • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 303EXPL: 0CVE-2008-7256 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2008-7256
03 Jun 2010 — mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc8, cuan... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1b79cd04fab80be61dcd2732e2423aafde9a4c1c •
CVSS: 9.8EPSS: 0%CPEs: 293EXPL: 0CVE-2010-1643 – kernel: nfsd: fix vm overcommit crash
https://notcve.org/view.php?id=CVE-2010-1643
03 Jun 2010 — mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en el fichero mm/shmem.c para el kernel de Linux anterior a v2.6.28-rc3, cuando "strict overcommint" está habilitado no maneja correctamente la exportación del objeto "shmemfs" por "knfsd",... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=731572d39fcd3498702eda4600db4c43d51e0b26 •
CVSS: 8.1EPSS: 0%CPEs: 160EXPL: 0CVE-2010-1641 – kernel: GFS2: The setflags ioctl() doesn't check file ownership
https://notcve.org/view.php?id=CVE-2010-1641
01 Jun 2010 — The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request. La función "do_gfs2_set_flags" en "fs/gfs2/file.c" del kernel de Linux anterior a v2.6.34-git10 no comprueba el propietario del archivo, lo que permite a usuarios locales evitar restricciones de acceso intencionadas a través de peticiones SETFLAGS ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7df0e0397b9a18358573274db9fdab991941062f • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2010-1436 – kernel: gfs2 buffer overflow
https://notcve.org/view.php?id=CVE-2010-1436
21 May 2010 — gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause an out-of-bounds write, as demonstrated by writing from an ext3 file system to a gfs2 file system. gfs2 del kernel de Linux v2.6.18, y posiblemente otras versiones, no funciona adecuadamente cuando la estructura gfs2_quota ocupa dos páginas separadas, lo que perm... • http://secunia.com/advisories/43315 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •