CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2010-2942 – kernel: net sched: fix some kernel memory leaks
https://notcve.org/view.php?id=CVE-2010-2942
21 Sep 2010 — The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sc... • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=1c40be12f7d8ca1d387510d39787b12e512a7ce8 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2010-3080 – kernel: /dev/sequencer open failure is not handled correctly
https://notcve.org/view.php?id=CVE-2010-3080
21 Sep 2010 — Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. Vulnerabilidad de doble liberación en la función snd_seq_oss_open de sound/core/seq/oss/seq_oss_init.c en el kernel Linux anterior a v6.36-rc4 podría permitir a usuarios locales causar una denegación de servicio o posibl... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=c598337660c21c0afaa9df5a65bb4a7a0cf15be8 • CWE-415: Double Free •
CVSS: 8.4EPSS: 0%CPEs: 11EXPL: 3CVE-2010-2959 – Linux Kernel < 2.6.36-rc1 (Ubuntu 10.04 / 2.6.32) - 'CAN BCM' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-2959
08 Sep 2010 — Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. Desbordamiento de enterno en net/can/bcm en la implementación Controller Area Network (CAN) del kernel de Linux anterior a v2.6.27.53, v2.6.32.x anterior a v2.6.32.21, v2.6.34.x anterior a v2.6.... • https://www.exploit-db.com/exploits/14814 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2010-2960
https://notcve.org/view.php?id=CVE-2010-2960
08 Sep 2010 — The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and earlier expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function. La función keyctl_session_to_parent en security/keys/keyctl.c en el kernel de Linux v2.6.35.4 y anteriores, espera que determinados keyrings de sesió... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2010-2066 – kernel: ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files
https://notcve.org/view.php?id=CVE-2010-2066
08 Sep 2010 — The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT ioctl call that specifies this file as a donor. La función mext_check_arguments en fs/ext4/move_extent.c en el kernel de Linux anterior a v2.6.35, permite a usuarios locales sobrescribir una archivo de solo-añadir (append-only) a través de una llamada MOVE_EXT ioctl que especifica este archivo como un donante. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1f5a81e41f8b1a782c68d3843e9ec1bfaadf7d72 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2524 – kernel: dns_resolver upcall security issue
https://notcve.org/view.php?id=CVE-2010-2524
08 Sep 2010 — The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a "cache stuffing" issue and MS-DFS referrals. La funcionalidad de resolución DNS en el kernel de Linux anterior a v2.6.35, cuando CONFIG_CI... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4c0c03ca54f72fdd5912516ad0a23ec5cf01bda7 •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2009-4895 – kernel: tty->pgrp races
https://notcve.org/view.php?id=CVE-2009-4895
08 Sep 2010 — Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9. Condición de carrera en la función tty_fasync en drivers/char/tty_io.c en el kernel de Linux v2.6.32.6, permite a usuarios locale... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=703625118069f9f8960d356676662d3db5a9d116 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2010-2803 – kernel: drm ioctls infoleak
https://notcve.org/view.php?id=CVE-2010-2803
08 Sep 2010 — The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. La función drm_ioctl en drivers/gpu/drm/drm_drv.c en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux anterior a v2.6.27.53, v2.6.32.x anterior ... • http://git.kernel.org/?p=linux/kernel/git/airlied/drm-2.6.git%3Ba=commit%3Bh=1b2f1489633888d4a06028315dc19d65768a1c05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2010-2495
https://notcve.org/view.php?id=CVE-2010-2495
08 Sep 2010 — The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change. La función pppol2tp_xmit en drivers/net/pppol2tp.c en la implementación L2TP en el kernel de Linux anterior a v2.6.34, no valida adecuadamente determinados... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2010-2492 – kernel: ecryptfs_uid_hash() buffer overflow
https://notcve.org/view.php?id=CVE-2010-2492
08 Sep 2010 — Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. Vulnerabilidad de desbordamiento de búfer en la macro ecryptfs_uid_hash en fs/ecryptfs/messaging.c del subsistema eCryptfs del kernel de Linux anterior a v2.6.35, podría permitir a a usuarios locales obtener privilegios o provocar una denegación de servicio (caída d... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a6f80fb7b5986fda663d94079d3bba0937a6b6ff • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •