CVE-2007-3945
https://notcve.org/view.php?id=CVE-2007-3945
23 Jul 2007 — Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes. • http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt
CVE-2007-3380
https://notcve.org/view.php?id=CVE-2007-3380
20 Jul 2007 — The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service. • http://osvdb.org/37109 • CWE-16: Configuration
CVE-2007-3719
https://notcve.org/view.php?id=CVE-2007-3719
12 Jul 2007 — The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." • http://osvdb.org/37127
CVE-2007-3720
https://notcve.org/view.php?id=CVE-2007-3720
12 Jul 2007 — The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges." • http://osvdb.org/37126
CVE-2007-3107
https://notcve.org/view.php?id=CVE-2007-3107
10 Jul 2007 — The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245580
CVE-2007-3642
https://notcve.org/view.php?id=CVE-2007-3642
10 Jul 2007 — The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=25845b5155b55cd77e42655ec24161ba3feffa47 • CWE-189: Numeric Errors
CVE-2007-3513 – Locally triggerable memory consumption in usblcd
https://notcve.org/view.php?id=CVE-2007-3513
03 Jul 2007 — The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). • http://osvdb.org/37116
CVE-2007-3104 – Null pointer to an inode in a dentry can cause an oops in sysfs_readdir
https://notcve.org/view.php?id=CVE-2007-3104
26 Jun 2007 — The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=242558 • CWE-399: Resource Management Errors
CVE-2007-2876 – {ip, nf}_conntrack_sctp: remotely triggerable NULL ptr dereference
https://notcve.org/view.php?id=CVE-2007-2876
11 Jun 2007 — The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2
CVE-2007-2453 – /dev/random broken
https://notcve.org/view.php?id=CVE-2007-2453
11 Jun 2007 — The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting entropy, which might cause the random number generator to provide the same values after reboots on systems without an entropy source. • http://marc.info/?l=linux-kernel&m=118128610219959&w=2