Page 284 of 3020 results (0.047 seconds)

CVSS: 7.8EPSS: 0%CPEs: 65EXPL: 0

03 Oct 2008 — The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory, a different vulnerability than CVE-2008-4210. La función generic_file_splice_write de fs/splice.c en Linux kern... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.19.y.git%3Ba=commit%3Bh=8c34e2d63231d4bf4852bac8521883944d770fe3 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 124EXPL: 2

03 Oct 2008 — A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function. Cierto parche de Fedora en el subsistema utrace de Linux Kernel versiones anteriores a v2.6.26.5-28 de Fedora 8, y versiones anteriores a v2.6.26.5-45 de Fedora 9, permite a usuarios locales provocar una denegación de servicio (punte... • https://www.exploit-db.com/exploits/32451 • CWE-399: Resource Management Errors •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2

29 Sep 2008 — fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool. fs/splice.c en el subsistema "splice" en el kernel de Linux anterior a v2.6.22.2 no maneja de forma adecuada un fallo en la función add_to_page_cache_Lru, y como consecuencia inten... • https://www.exploit-db.com/exploits/32384 • CWE-667: Improper Locking •

CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 2

29 Sep 2008 — fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. fs/open.c en el kernel de Linux anterior a v2.6.22 no elimina de forma adecuada los bits "setuid" y... • https://www.exploit-db.com/exploits/6851 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 99EXPL: 1

16 Sep 2008 — The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function. Función The sctp_getsockopt_hmac_ident en net/sctp/socket.c la implementación de Stre... • https://www.exploit-db.com/exploits/7618 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1

04 Sep 2008 — fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. fs/direct-io.c del subsistema dio del núcleo de Linux anterior a 2.6.23, no suprime de forma correcta la estructura dio, esto permite a usuario locales provocar una denegación de servicio (OOPS), como se ha demostrado en determinados test fio. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=848c4dd5153c7a0de55470ce99a8e13a63b4703f •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1

12 Aug 2008 — The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. Las funciones (1) real_lookup y (2) __lookup_hash en el archivo fs/namei.c en la implementación de vfs en el kernel de Linux anterior a versió... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d70b67c8bc72ee23b55381bd6a884f4796692f77 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1

08 Aug 2008 — The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count. La función shmem_delete_inode de mm/shmem.c en la implementación the tmpfs de Linux kernel versiones anteriores a 2.6.26.1 permite a usua... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.26.y.git%3Ba=commit%3Bh=14fcc23fdc78e9d32372553ccf21758a9bd56fa1 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1

08 Aug 2008 — Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project. Error de superación del límite en la función iov_iter_advance de mm/filemap.c en Linux kernel versiones anteriores a 2.6.27-rc2 permite a usuarios locales provocar una denegación de servicio (ca... • http://mirror.celinuxforum.org/gitstat/commit-detail.php?commit=94ad374a0751f40d25e22e036c37f7263569d24c • CWE-193: Off-by-one Error •

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

08 Aug 2008 — The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information. La función snd_seq_oss_synth_make_info de sound/core/seq/oss/seq_oss_synth.c en el subsistema sound de Linux kernel versiones anteriores a 2.6.27-rc2 no verifica que el número de disposi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82e68f7ffec3800425f2391c8c86277606860442 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •