CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-2906
https://notcve.org/view.php?id=CVE-2011-2906
24 May 2012 — Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor. ** DISPUTADA ** Error de signo de enteros en la función pmcraid_ioctl_passthrough en drivers/scsi/pmcraid.c ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b5b515445f4f5a905c5dd27e6e682868ccd6c09d • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 3CVE-2012-1146
https://notcve.org/view.php?id=CVE-2012-1146
17 May 2012 — The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. La función mem_cgroup_usage_unregister_event en mm/memcontrol.c en el núcleo de Linux anteriores a v3.2.10 no maneja apropiadamente múltiples eventos qu... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=371528caec553785c37f73fa3926ea0de84f986f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4621 – kernel: tight loop and no preemption can cause system stall
https://notcve.org/view.php?id=CVE-2011-4621
17 May 2012 — The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. El kernel de Linux antes de v2.6.37 no aplica la optimización de una actualización de reloj, lo que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema) a través de una aplicación que ejecuta código en un bucle. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2011-4326 – kernel: wrong headroom check in udp6_ufo_fragment()
https://notcve.org/view.php?id=CVE-2011-4326
17 May 2012 — The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device. La función udp6_ufo_fragment en net/ipv6/udp.c en el kernel de Linux antes de v2.6.39, cuando la opción de "UDP Fragmentation Offload" (UFO) está activada, permite a atacantes remotos causar una denegación de servicio (caída del... • http://downloads.avaya.com/css/P8/documents/100156038 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 2CVE-2012-0207 – Linux Kernel 2.6.36 IGMP - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2012-0207
17 May 2012 — The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets. La función de igmp_heard_query net/ipv4/igmp.c en el kernel de Linux en versiones anteriores a la v3.2.1 permite a atacantes remotos causar una denegación de servicio (error de división por cero y el "kernel panic") a través de paquetes IGMP. • https://www.exploit-db.com/exploits/18378 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4594 – kernel: send(m)msg: user pointer dereferences
https://notcve.org/view.php?id=CVE-2011-4594
17 May 2012 — The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. La función __ sys_sendmsg en net/socket.c en el kernel de Linux antes de v3.1 permite a usuarios locales causar una denegación de servicio (caída del sistema) mediante el uso de una llamada a la 'system call' sendmmsg debidamente modificada, dando lugar a una eliminación de referencia... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bc909d9ddbf7778371e36a651d6e4194b1cc7d4c • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2012-0879 – kernel: block: CLONE_IO io_context refcounting issues
https://notcve.org/view.php?id=CVE-2012-0879
17 May 2012 — The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context. La implementación I/O para dispositivos de bloque en el núcleo de Linux anteriores a v2.6.33 no maneja adecuadamente la característica CLONE_IO, lo cual permite a usuarios locales causar una denegación de servicio (inestabilidad I/O) arrancando múltiples proce... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2319 – kernel: Buffer overflow in the HFS plus filesystem (different issue than CVE-2009-4020)
https://notcve.org/view.php?id=CVE-2012-2319
17 May 2012 — Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020. Múltiples vulnerabilidades de desbordamiento de buffer en la implementación de filesystem hfsplus in el núcleo de Linux antes de la versión v3.3.5 que permite a usuarios locales conseguir privilegios a través de HFS plus filesystem, un problema relacionado con CVE-2009-4020. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6f24f892871acc47b40dd594c63606a17c714f77 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2121 – kvm: device assignment page leak
https://notcve.org/view.php?id=CVE-2012-2121
17 May 2012 — The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. La implementación de KVM en el kernel de Linux en versiones anteriores a la v3.3.4 no gestiona correctamente la relación entre las ranuras de memoria y el IOMMU, lo que permite cau... • http://rhn.redhat.com/errata/RHSA-2012-0676.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 1CVE-2011-4112
https://notcve.org/view.php?id=CVE-2011-4112
17 May 2012 — The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface. El subsistema de red en el kernel de Linux antes de v3.1 no restringe adecuadamente el uso de la bandera IFF_TX_SKB_SHARING, lo que permite a usuarios locales causar un... • http://downloads.avaya.com/css/P8/documents/100156038 •