CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 4CVE-2010-2963 – Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite
https://notcve.org/view.php?id=CVE-2010-2963
20 Oct 2010 — drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. drivers/media/video/v4l2-compat-ioctl32.c en la implementación de Video4Linux (V4L) en kernel de... • https://packetstorm.news/files/id/95287 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0CVE-2010-3442 – kernel: prevent heap corruption in snd_ctl_new()
https://notcve.org/view.php?id=CVE-2010-3442
04 Oct 2010 — Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. Múltiples desbordamientos de entero en la función snd_ctl_new de sound/core/control.c en el kernel de Linux en versiones anteriores a la 2.6.36-rc5-next-20100929. Permiten a us... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 11EXPL: 4CVE-2010-2959 – Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - 'CAN BCM' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-2959
20 Aug 2010 — Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. Desbordamiento de enterno en net/can/bcm en la implementación Controller Area Network (CAN) del kernel de Linux anterior a v2.6.27.53, v2.6.32.x anterior a v2.6.32.21, v2.6.34.x anterior a v2.6.... • https://packetstorm.news/files/id/93242 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 4%CPEs: 32EXPL: 10CVE-2009-3547 – Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-3547
04 Nov 2009 — Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. Múltiples condiciones de carrera en fs/pipe.c en el kernel de Linux anteriores a v2.6.32-rc6 permite a usuarios locales producir una denegación de servicio )desreferencia a puntero NULL y caída del sistema) o conseguir privilegios mediante la apertura de un ... • https://packetstorm.news/files/id/139879 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 5CVE-2009-3621 – Linux Kernel 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service
https://notcve.org/view.php?id=CVE-2009-3621
22 Oct 2009 — net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. net/unix/af_unix.c en el kernel de Linux v2.6.31.4 y anteriores permite a usuarios locales causar una denegación de servicio (el servidor se bloquea) creando un socket abstract-namespace AF_UNIX y realizando una ope... • https://www.exploit-db.com/exploits/10022 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2009-3620 – kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
https://notcve.org/view.php?id=CVE-2009-3620
22 Oct 2009 — The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. El controlador ATI Rage 128 (también conocido como r128), en el Kernel de Linux anterior a v2.6.31-git11 no verifica de forma adecuada el estado de inicialización del "Concurrent Command Engine (CCE)", l... • http://article.gmane.org/gmane.linux.kernel/892259 • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2009-2910 – kernel: x86_64 32 bit process register leak
https://notcve.org/view.php?id=CVE-2009-2910
20 Oct 2009 — arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode. arch/x86/ia32/ia32entry.S en el kernel de Linux anteriores a v2.6.31.4 en plataformas x86_64 no limpia adecuadamente ciertos registros del kernel antes de regresar al modo usuario, lo que permite a usuarios locales leer valores del registr... • http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git%3Ba=commit%3Bh=24e35800cdc4350fc34e2bed37b608a9e13ab3b6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2009-3612 – kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
https://notcve.org/view.php?id=CVE-2009-3612
19 Oct 2009 — The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. La función tcf_fill_node en net/sched/cls_api.c del subsistema netlink en el kernel de Linux v2.6.x hasta la v2.6.32-rc5, y v2.4.3... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ad61df918c44316940404891d5082c63e79c256a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 21%CPEs: 20EXPL: 9CVE-2009-2698 – Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2698
24 Aug 2009 — The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. La función udp_sendmsg en la implementación UDP en los archivos (1) net/ipv4/udp.c y (2) net/ipv6/udp.c en el kernel de Linux anterior a versión 2.6.19, permite a los usuarios locales obtener privilegios o causar ... • https://packetstorm.news/files/id/80934 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 2CVE-2009-2848 – kernel: execve: must clear current->clear_child_tid
https://notcve.org/view.php?id=CVE-2009-2848
18 Aug 2009 — The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. Una función execve en el kernel de Linux, posiblemente versión 2.6.30-rc6 y anteriores, no borra apropiadamente el puntero de curr... • http://article.gmane.org/gmane.linux.kernel/871942 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-269: Improper Privilege Management •