CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5500 – kernel hang via userspace PTRACE+waitid
https://notcve.org/view.php?id=CVE-2007-5500
20 Nov 2007 — The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information. La función wait_task_stopped en el kernel de Linux versiones anteriores a 2.6.23.8 comprueba un bit TASK_TRACED en vez de un valor exit_state, lo cual permite a usuarios locales provocar una denegación de servicio (caída d... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git%3Ba=commitdiff%3Bh=36ef66c5d137b9a31fd8c35d236fb9e26ef74f97 •
CVSS: 7.8EPSS: 35%CPEs: 64EXPL: 0CVE-2007-5501
https://notcve.org/view.php?id=CVE-2007-5501
15 Nov 2007 — The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference. La función tcp_sacktag_write_queue en el archivo net/ipv4/tcp_input.c en el kernel de Linux versiones 2.6.21 hasta 2.6.23.7 ??y versiones 2.6.24-rc hasta 2.6.24-rc2, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicaci... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=96a2d41a3e495734b63bff4e5dd0112741b93b38 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-7229
https://notcve.org/view.php?id=CVE-2006-7229
15 Nov 2007 — The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly use the spin_lock and spin_unlock functions, which allows remote attackers to cause a denial of service (machine crash) via a flood of network traffic. El controlador de dispositivo skge 1.5 en el núcleo de Linux 2.6.15 en Ubuntu no utiliza apropiadamente las funciones spin_lock y spin_unlock, lo cual permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) mediante una inundación de tráfico de red. • http://secunia.com/advisories/28971 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2007-5904 – Buffer overflow in CIFS VFS
https://notcve.org/view.php?id=CVE-2007-5904
09 Nov 2007 — Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function. Múltiples desbordamientos de búfer en el CIFS VFS en el kernel de Linux 2.6.23 y versiones anteriores permiten a atacantes remotos provocar una denegación de servicio (caída) y, posiblemente, ejecutar código de su elección a través de respuestas SMB largas, que d... • http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git%3Ba=commitdiff%3Bh=133672efbc1085f9af990bdc145e1822ea93bcf3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 18%CPEs: 1EXPL: 0CVE-2007-4997 – kernel ieee80211 off-by-two integer underflow
https://notcve.org/view.php?id=CVE-2007-4997
06 Nov 2007 — Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error." desbordamiento inferior de entero en la funcióni eee80211_rx en net/ieee80211/ieee80211_rx.c en el nucleo de Linux 2.6.x anterior a 2.6.23 permite a atacantes remotos provocar denegación de servicio ... • ftp://ftp.kernel.org/pub/linux/kernel/people/bunk/linux-2.6.16.y/testing/ChangeLog-2.6.16.57-rc1 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2007-3850 – kernel LTC31426-4k page mapping support for userspace in 64k kernels
https://notcve.org/view.php?id=CVE-2007-3850
23 Oct 2007 — The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space. El controlador eHCA en el kernel de Linux 2.6 anterior a 2.6.22, cuando funciona sobre PowerPC, no mapea de forma adecuada el espacio de usuario, lo cual permite a usuarios locales leer porciones de espacio de direcciones físicas. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=721151d004dcf01a71b12bb6b893f9160284cf6e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-4133 – prio_tree unit kernel panic
https://notcve.org/view.php?id=CVE-2007-4133
04 Oct 2007 — The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors. Las funciones (1) hugetlb_vmtruncate_list y (2) hugetlb_vmtruncate en fs/hugetlbfs/inode.c del núcleo de Linux anterior a 2.6.19-rc4 realiza determinados cálculos prio_tree usando unidades HPAGE_SIZE en lugar d... • http://secunia.com/advisories/26994 •
CVSS: 6.2EPSS: 0%CPEs: 191EXPL: 0CVE-2007-5093 – kernel PWC driver DoS
https://notcve.org/view.php?id=CVE-2007-5093
26 Sep 2007 — The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. El método disconnect en el controlador Philips USB Webcam (pwc) e... • http://marc.info/?l=linux-kernel&m=118873457814808&w=2 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-4571 – Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure
https://notcve.org/view.php?id=CVE-2007-4571
26 Sep 2007 — The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc. La función snd_mem_proc_read en sound/core/memalloc.c de Advanced Linux Sound Architecture (ALSA) en el núcleo de Linux anterior a 2.6.22.8 no devuelve el t... • https://www.exploit-db.com/exploits/30605 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5087
https://notcve.org/view.php?id=CVE-2007-5087
26 Sep 2007 — The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service (kernel panic) by reading /proc/net/atm/arp before the CLIP module has been loaded. El módulo ATM en el núcleo Linux anterior a 2.4.35.3, cuando el soporte de CLIP está habilitado, permite a usuarios locales provocar una denegación de servicio (kernel panic) leyendo /proc/net/atm/arp antes de que el módulo CLIP se haya cargado. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.35.y.git%3Ba=commitdiff%3Bh=b7ae15e7707050baafe5a35e3d4f2d175197d222 • CWE-264: Permissions, Privileges, and Access Controls •