CVSS: 7.8EPSS: 12%CPEs: 199EXPL: 0CVE-2010-0008 – kernel: sctp remote denial of service
https://notcve.org/view.php?id=CVE-2010-0008
19 Mar 2010 — The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length. La función sctp_rcv_ootb en la implementación de SCTP en el kernel de Linux anterior a versión 2.6.23, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de (1) un fragmento Out Of The Blue (OOTB) o (2) un fragmento de longitud cero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2010-0727 – kernel: bug in GFS/GFS2 locking code leads to dos
https://notcve.org/view.php?id=CVE-2010-0727
16 Mar 2010 — The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions. La función gfs2_lock en el Linux kernel anterior v2.6.34-rc1-next-20100312,... • http://lkml.org/lkml/2010/3/11/269 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2010-0410 – kernel: OOM/crash in drivers/connector
https://notcve.org/view.php?id=CVE-2010-0410
21 Feb 2010 — drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. drivers/connector/connector.c en el Kernel de Linux anterior a la v2.6.32.8 permite a usuarios locales provocar una denegación de servicio (consumo de memoria y caída del sistema) enviando muchos mensajes NETLINK_CONNECTOR al Kernel. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f98bfbd78c37c5946cc53089da32a5f741efdeb7 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 2CVE-2010-0415 – Linux Kernel 2.6.18 - 'move_pages()' Information Leak
https://notcve.org/view.php?id=CVE-2010-0415
17 Feb 2010 — The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. La función do_pages_move en mm/migrate.c en el kernel de Linux en versiones anteriores a v2.6.33-rc7 no valida adecuadamente valores nodo, lo que permite a usuarios locales leer localizacione... • https://packetstorm.news/files/id/139877 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2010-0307 – Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service
https://notcve.org/view.php?id=CVE-2010-0307
17 Feb 2010 — The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function. La función load_elf_binary en fs/binfmt_elf.c en el ke... • https://www.exploit-db.com/exploits/33585 •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 0CVE-2010-0622 – kernel: futex: Handle user space corruption gracefully
https://notcve.org/view.php?id=CVE-2010-0622
15 Feb 2010 — The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. La función wake_futex_pi de kernel/futex.c del kernel de Linux en versiones anteriores a la v2.6.33-rc7 no gestiona apropiadamente ciertas operaciones de "unlock" (... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51246bfd189064079c54421507236fd2723b18f3 •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-0623
https://notcve.org/view.php?id=CVE-2010-0623
15 Feb 2010 — The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem. La función futex_lock_pi en kernel/futex.c en el kernel de Linux anterior a 2.6.33-rc7 no maneja adecuadamente determinadas cuentas de referencia, lo que permite a usuarios locales provocar una denegación de servicio (OOPS) a través de vectores que involucran ... • http://bugzilla.kernel.org/show_bug.cgi?id=14256 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0291 – kernel: untangle the do_mremap()
https://notcve.org/view.php?id=CVE-2010-0291
15 Feb 2010 — The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." El kernel de Linux en versiones anteriores a la v2.6.32.4 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (panic) llamando a la función (1) mmap o (2) mremap, también conocido como el "do_mremap() mess" o el "mremap/mmap mess." • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0067bd8a55862ac9dd212bd1c4f6f5bff1ca1301 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0298 – kvm: emulator privilege escalation
https://notcve.org/view.php?id=CVE-2010-0298
12 Feb 2010 — The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306. El emulador x86 en KVM3, no usa Current Privilege Level (CPL) e I/O Privilege Level (IOPL) para para determinar el acceso a memoria disponible para e... • http://secunia.com/advisories/38492 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2010-0006
https://notcve.org/view.php?id=CVE-2010-0006
26 Jan 2010 — The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567. La función ipv6_hop_jumbo en net/ipv6/exthdrs.c en el kernel de Linux en versiones anteriores a 2.6.32.4, cuando los espacios de nombres de red están activados, permite a atacantes remotos producir una denegación de servicio (desreferencia a u... • http://bugs.gentoo.org/show_bug.cgi?id=300951 • CWE-476: NULL Pointer Dereference •