CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3585 – Samba mtab lock file race condition
https://notcve.org/view.php?id=CVE-2011-3585
04 Oct 2011 — Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists. Múltiples condiciones de carrera en los programas (1) mount.cifs y (2) umount.cifs en Samba versión 3.6, permiten a usuarios locales causar una denegación de servicio (interrupción del montaje) por medio de una señal SIGKILL durante una ventana de tiempo cuando existe el archivo /et... • https://bugzilla.redhat.com/show_bug.cgi?id=742907 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2CVE-2009-4067 – Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-4067
23 Sep 2011 — Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system. Un desbordamiento del búfer en la función auerswald_probe en el controlador USB Auerswald Linux para el kernel de Linux versiones anteriores a 2.6.27, permite a atacantes físicamente próximos ejecutar código arbitrario, causar una denegación ... • https://www.exploit-db.com/exploits/35957 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2011-2699 – kernel: ipv6: make fragment identifications less predictable
https://notcve.org/view.php?id=CVE-2011-2699
14 Sep 2011 — The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets. La implementación de IPv6 en el kernel de Linux antes de v3.1 no genera valores de los fragmentos de identificación por separado para cada destino, lo que hace que sea más fácil para los atacantes remotos causar una denegaci... • https://packetstorm.news/files/id/105078 •
CVSS: 9.1EPSS: 3%CPEs: 26EXPL: 0CVE-2011-3188 – kernel: net: improve sequence number generation
https://notcve.org/view.php?id=CVE-2011-3188
09 Sep 2011 — The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. Las implementaciones de (1) IPv4 y (2) IPv6 en el kernel de Linux antes de v3.1 utiliza una versión modificada de algoritmo MD4 para generar números de secuencia y val... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3191 – kernel: cifs: signedness issue in CIFSFindNext()
https://notcve.org/view.php?id=CVE-2011-3191
09 Sep 2011 — Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory. Error de signo de entero en la función CIFSFindNext en fs/cifs/cifssmb.c en el kernel de Linux antes de v3.1 permite a los servidores CIFS remotos provocar una denegación de servicio (corrupción de memoria) o posib... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=9438fabb73eb48055b58b89fc51e0bc4db22fabd • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-2525 – kernel: kernel: net_sched: fix qdisc_notify()
https://notcve.org/view.php?id=CVE-2011-2525
21 Jul 2011 — The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call. La función qdisc_notify de net/sched/sch_api.c del kernel de Linux en versiones anteriores a la 2.6.35 no previene que la función tc_fill_qdisc haga referencia a estructuras ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=53b0f08042f04813cd1a7473dacd3edfacb28eb3 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2010-4251 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4251
26 May 2011 — The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. La implementación del socket en net/core/sock.c en el kernel de Linux anterior a v2.6.34 no maneja correctamente un retraso de los paquetes recibidos, que permite a atacantes remotos provocar una denegación de ser... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8eae939f1400326b06d0c9afe53d2a484a326871 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4805 – kernel: unlimited socket backlog DoS
https://notcve.org/view.php?id=CVE-2010-4805
26 May 2011 — The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_alloc socket field. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4251. La implementación del socket en net/core/sock.c en el kernel de Linux anteriores a v2.6.35 no maneja correctamente un... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c377411f2494a931ff7facdbb3a6839b1266bcf6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 270EXPL: 0CVE-2011-1011 – policycoreutils: insecure temporary directory handling in seunshare
https://notcve.org/view.php?id=CVE-2011-1011
24 Feb 2011 — The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp... • http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1CVE-2010-2526 – lvm2-cluster: insecurity when communicating between lvm2 and clvmd
https://notcve.org/view.php?id=CVE-2010-2526
04 Aug 2010 — The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands. El cluster logical volume manager daemon (clvmd) en lvm2-cluster en LVM2 anterior v2.02.72, como el usado en Red Hat Global File Sys... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-287: Improper Authentication •