CVSS: 7.8EPSS: 5%CPEs: 8EXPL: 1CVE-2012-3412 – kernel: sfc: potential remote denial of service through TCP MSS option
https://notcve.org/view.php?id=CVE-2012-3412
14 Sep 2012 — The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. El controlador sfc (también conocido como Solarflare Solarstorm) en el Kernel de Linux anteriores a v3.2.30 permite a atacantes remotos provocar una denegación de servicio (consumo de descriptor de DMA y fallo del controlador de red) a través de paquetes TCP manipula... • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00005.html • CWE-189: Numeric Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.1EPSS: 0%CPEs: 104EXPL: 1CVE-2012-3511 – kernel: mm: use-after-free in madvise_remove()
https://notcve.org/view.php?id=CVE-2012-3511
14 Sep 2012 — Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. Múltiples vulnerabilidades de condición de carrera en la función madvise_remove en el kernel Linux antes de v3.4.5, permite a usuarios locales causar una denegación de servicio (uso después de liberación y caída del sistema) a través de vectores que implican (1) mu... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 9.8EPSS: 6%CPEs: 5EXPL: 0CVE-2012-3364
https://notcve.org/view.php?id=CVE-2012-3364
13 Aug 2012 — Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. Múltiples desbordamientos de búfer basados en pila en Near Field Communication Controller Interface (NCI) en el kernel de Linux antes de v3.4.5 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecuta... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=67de956ff5dc1d4f321e16cfbd63f5be3b691b43 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 1CVE-2012-3400 – kernel: udf: buffer overflow when parsing sparing table
https://notcve.org/view.php?id=CVE-2012-3400
13 Aug 2012 — Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. Desbordamiento de búfer basado en memoria dinámica en la función udf_load_logicalvol en fs/udf/super.c en el Kernel de Linux anteriores a v3.4.5, permite a atacantes remotos causar una denegación de servicio (caída del sistema) o posiblemente tener otro impa... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1df2ae31c724e57be9d7ac00d78db8a5dabdd050 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2012-2137 – kernel: kvm: buffer overflow in kvm_set_irq()
https://notcve.org/view.php?id=CVE-2012-2137
18 Jun 2012 — Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function. Desbordamiento de búfer en virt/KVM/irq_comm.c en el subsistema de KVM en el kernel de Linux antes de v3.2.24 que permite a usuarios locales provo... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=f2ebd422f71cda9c791f76f85d2ca102ae34a1ed • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2372 – kernel: rds-ping cause kernel panic
https://notcve.org/view.php?id=CVE-2012-2372
18 Jun 2012 — The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping. La función rds_ib_xmit en net/rds/ib_send.c en la implementación fiable de datagramas de protocolo Sockets (RDS) en el kernel Linux v3.7.4 y anteriores pe... • http://marc.info/?l=bugtraq&m=139447903326211&w=2 •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 0CVE-2012-2373 – kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition
https://notcve.org/view.php?id=CVE-2012-2373
18 Jun 2012 — The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition. El kernel de Linux anterior a v3.4.5 en la plataforma x86, cuando Physical Address Extension (PAE) está activada, no utiliza correctamente Page Middle Directory (PMD), permitiendo a usuarios locales causar una denegación de servicio a t... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26c191788f18129af0eb32a358cdaea0c7479626 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-2119 – kernel: macvtap: zerocopy: vector length is not validated before pinning user pages
https://notcve.org/view.php?id=CVE-2012-2119
18 Jun 2012 — Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length. Desbordamiento de búfer en el controlador de dispositivo macvtap en el kernel de Linux anteriores a v3.4.5, cuando se ejecuta en ciertas configuraciones, permite a los usuarios invitados KVM privilegiados causar una denegación de servicio (caída) a través de un descriptor ... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=814278 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-2390 – kernel: huge pages: memory leak on mmap failure
https://notcve.org/view.php?id=CVE-2012-2390
13 Jun 2012 — Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. Memoria no liberada (memory leak) en mm/hugetlb.c del kernel de Linux en versiones anteriores a la 3.4.2. Permite a usuarios locales provocar una denegación de servicio (consumo de la memoria o caída del sistema) a traves de operaciones mmap MAP_HUGETLB inválidas. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c50ac050811d6485616a193eb0f37bfbd191cc89 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2012-2136 – kernel: net: insufficient data_len validation in sock_alloc_send_pskb()
https://notcve.org/view.php?id=CVE-2012-2136
29 May 2012 — The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. La función sock_alloc_send_pskb en net/core/sock.c en el kernel de linux anterior a v3.4.5 no valida correctamente ciertos valores de longitud, permitiendo a usuarios locales causar una denegación de servi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •