CVSS: 7.8EPSS: 0%CPEs: 167EXPL: 2CVE-2013-0268 – Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-0268
18 Feb 2013 — The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users to bypass intended capability restrictions by executing a crafted application as root, as demonstrated by msr32.c. La funcion msr_open en arch/x86/kernel/msr.c en el kernel de Linux anterior a v3.7.6 permite a usuarios locales eludir las capacidades de restricción mediante la ejecución de una aplicación manipulada como root, como se demostró con msr32.c. Unisphere Central versions prior to 4.0 suffer from a la... • https://packetstorm.news/files/id/122678 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0190 – kernel: stack corruption in xen_failsafe_callback()
https://notcve.org/view.php?id=CVE-2013-0190
13 Feb 2013 — The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. La función xen_failsafe_callback de Xen para el kernel de Linux v2.6.23 y otras versiones, mientras ejecuta un invitado PVOPS de 32 bits, permite que usuarios locales provocar una denegación de servicios disparando el retorno de ... • http://rhn.redhat.com/errata/RHSA-2013-0496.html • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0CVE-2013-0231 – kernel: xen: pciback DoS via not rate limited log messages
https://notcve.org/view.php?id=CVE-2013-0231
13 Feb 2013 — The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. La función pciback_enable_msi en el controlador PCI backend (drivers/xen/pciback/conf_space_capability_msi.c) en Xen para Linux kernel v2.6.18 y v3.8, permite que los usuari... • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2119 – kernel: macvtap: zerocopy: vector length is not validated before pinning user pages
https://notcve.org/view.php?id=CVE-2012-2119
22 Jan 2013 — Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length. Desbordamiento de búfer en el controlador de dispositivo macvtap en el kernel de Linux anteriores a v3.4.5, cuando se ejecuta en ciertas configuraciones, permite a los usuarios invitados KVM privilegiados causar una denegación de servicio (caída) a través de un descriptor ... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2012-4461 – kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set
https://notcve.org/view.php?id=CVE-2012-4461
22 Jan 2013 — The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl. El subsistema de KVM en el kernel de Linux antes de v3.6.9, cuando se ejecuta en máquinas que utilizan el espacio de usuario qemu sin XSAVE, permite a usuarios locales provocar una denegación de servicio (kernel oo... • http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2012-2137 – kernel: kvm: buffer overflow in kvm_set_irq()
https://notcve.org/view.php?id=CVE-2012-2137
22 Jan 2013 — Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function. Desbordamiento de búfer en virt/KVM/irq_comm.c en el subsistema de KVM en el kernel de Linux antes de v3.2.24 que permite a usuarios locales provo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=f2ebd422f71cda9c791f76f85d2ca102ae34a1ed • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 5EXPL: 0CVE-2012-3364
https://notcve.org/view.php?id=CVE-2012-3364
22 Jan 2013 — Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. Múltiples desbordamientos de búfer basados en pila en Near Field Communication Controller Interface (NCI) en el kernel de Linux antes de v3.4.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecuta... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67de956ff5dc1d4f321e16cfbd63f5be3b691b43 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2372 – kernel: rds-ping cause kernel panic
https://notcve.org/view.php?id=CVE-2012-2372
22 Jan 2013 — The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping. La función rds_ib_xmit en net/rds/ib_send.c en la implementación fiable de datagramas de protocolo Sockets (RDS) en el kernel Linux v3.7.4 y anteriores pe... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 131EXPL: 0CVE-2012-5532 – hypervkvpd: Netlink source address validation allows denial of service
https://notcve.org/view.php?id=CVE-2012-5532
27 Dec 2012 — The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. La función principal de tools/hv/hv_kvp_daemon.c en hypervkvpd, distribuido en el kernel de Linux antes de v3.8-rc1, permite a usuarios locales provocar una denegación de servicio (salida ordenada del de... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=95a69adab9acfc3981c504737a2b6578e4d846ef •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-2669 – Mandriva Linux Security Advisory 2013-176
https://notcve.org/view.php?id=CVE-2012-2669
27 Dec 2012 — The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message. La función principal de tools/hv/hv_kvp_daemon.c en hypervkvpd, distribuido en el kernel de Linux antes de v3.4.5, no valida el origen de los mensajes netlink, lo que permite a usuarios locales falsificar comunicaciones netlink a través de un mensaje modificado. ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c • CWE-20: Improper Input Validation •