CVSS: 5.5EPSS: 0%CPEs: 172EXPL: 0CVE-2013-0309 – kernel: mm: thp: pmd_present and PROT_NONE local DoS
https://notcve.org/view.php?id=CVE-2013-0309
22 Feb 2013 — arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application. arch/x86/include/asm/pgtable.h en el kernel de Linux anterior a v3.62, cuando se utilizan paginas transparentes de gran tamaño, no soportan correctamente regiones de memoria PROT_NONE, lo que permite a usuarios locales generar una denegación de servicio (caída ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=027ef6c87853b0a9df53175063028edb4950d476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 162EXPL: 0CVE-2013-0311 – kernel: vhost: fix length for cross region descriptor
https://notcve.org/view.php?id=CVE-2013-0311
22 Feb 2013 — The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. La función translate_desc en el kernel de Linux anterior a v3.7 no maneja correctamente descriptores cross-region, lo que permite a usuarios invitados del SO obtener privilegios del SO mediante el aprovechamiento de los privilegios KVM de invitado del SO. The kernel packages conta... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bd97120fc3d1a11f3124c7c9ba1d91f51829eb85 •
CVSS: 5.5EPSS: 0%CPEs: 171EXPL: 0CVE-2013-0290 – kernel: net: infinite loop in __skb_recv_datagram()
https://notcve.org/view.php?id=CVE-2013-0290
19 Feb 2013 — The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application. La función __skb_recv_datagram en net/core/datagram.c en el kernel Linux anterior a v3.8 no maneja adecuadamente la bandera con tamaño "zero-lenght", lo que permite a usuarios locales provocar una denegación de servicio (bucle infinito y cuelgue ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=77c1090f94d1b0b5186fb13a1b71b47b1343f87f • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 171EXPL: 1CVE-2012-5374 – Ubuntu Security Notice USN-1947-1
https://notcve.org/view.php?id=CVE-2012-5374
18 Feb 2013 — The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux antes de v3.8-rc1 permite a usuarios locales provocar una denegación de servicio (tiempo de respaldo extendido de código del kernel) creando diferentes archivos cuyos nombres están asociad... • http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 172EXPL: 2CVE-2012-5375 – Linux Kernel 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service
https://notcve.org/view.php?id=CVE-2012-5375
18 Feb 2013 — The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value. La característica CRC32C en la aplicación Btrfs en el kernel Linux 3.8-rc1 antes permite a usuarios locales provocar una denegación de servicio (prevención de la creación de archivos)... • https://www.exploit-db.com/exploits/38132 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 126EXPL: 0CVE-2012-4398 – kernel: request_module() OOM local DoS
https://notcve.org/view.php?id=CVE-2012-4398
18 Feb 2013 — The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application. La función __request_module en kernel/kmod.c en el kernel de Linux anterior a v3.4 no establece un atributo "killable", lo que permite a usuarios locales provocar una denegación de servicio (consumo de memoria) a través de una aplicación especialmente diseñada. The kernel packages contain... • http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 169EXPL: 1CVE-2012-4530 – Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
https://notcve.org/view.php?id=CVE-2012-4530
18 Feb 2013 — The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. La función load_script en fs/binfmt_script.c en el kernel de Linux anterior a v3.7.2 no controla correctamente la recursividad, permitiendo a usuarios locales obtener información sensible de la memoria de pila del kernl a través de una aplicación especialmente diseñada. • https://www.exploit-db.com/exploits/41767 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 171EXPL: 1CVE-2013-0160 – Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure
https://notcve.org/view.php?id=CVE-2013-0160
18 Feb 2013 — The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device. El kernel de Linux hasta v3.7.9 permite a usuarios locales obtener información sensible mediante el "keystroke timing" con la API inotify en el dispositivo /dev/ptmx Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain ad... • https://www.exploit-db.com/exploits/24459 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 170EXPL: 1CVE-2013-0216 – kernel: xen: Linux netback DoS via malicious guest ring.
https://notcve.org/view.php?id=CVE-2013-0216
18 Feb 2013 — The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. La funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados del OS generar una denegación de servicio (bucle) mediante una corrupción de puntero. Unisphere Central versions prior to 4.0 suffer from a large amount of security vulnerabilities and an update has been released that includes a fix for an unvalidated re... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=48856286b64e4b66ec62b94e504d0b29c1ade664 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 170EXPL: 0CVE-2013-0217 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2013-0217
18 Feb 2013 — Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. Fuga de memoria (memory leaks) en drivers/net/xen-netback/netback.c en la funcionalidad Xen netback en el kernel de Linux anterior a v3.7.8 permite a usuarios invitados generar una denegación de servicio (corrupción de memoria) cuando se producen determinados errores de condición. Mul... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d5145d8eb2b9791533ffe4dc003b129b9696c48 • CWE-399: Resource Management Errors •