CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2010-0410 – kernel: OOM/crash in drivers/connector
https://notcve.org/view.php?id=CVE-2010-0410
21 Feb 2010 — drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. drivers/connector/connector.c en el Kernel de Linux anterior a la v2.6.32.8 permite a usuarios locales provocar una denegación de servicio (consumo de memoria y caída del sistema) enviando muchos mensajes NETLINK_CONNECTOR al Kernel. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f98bfbd78c37c5946cc53089da32a5f741efdeb7 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 2CVE-2010-0415 – Linux Kernel 2.6.18 - 'move_pages()' Information Leak
https://notcve.org/view.php?id=CVE-2010-0415
17 Feb 2010 — The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set. La función do_pages_move en mm/migrate.c en el kernel de Linux en versiones anteriores a v2.6.33-rc7 no valida adecuadamente valores nodo, lo que permite a usuarios locales leer localizacione... • https://packetstorm.news/files/id/139877 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2010-0307 – Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service
https://notcve.org/view.php?id=CVE-2010-0307
17 Feb 2010 — The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application that attempts to execute a 64-bit application and then triggers a segmentation fault, as demonstrated by amd64_killer, related to the flush_old_exec function. La función load_elf_binary en fs/binfmt_elf.c en el ke... • https://www.exploit-db.com/exploits/33585 •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 0CVE-2010-0622 – kernel: futex: Handle user space corruption gracefully
https://notcve.org/view.php?id=CVE-2010-0622
15 Feb 2010 — The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. La función wake_futex_pi de kernel/futex.c del kernel de Linux en versiones anteriores a la v2.6.33-rc7 no gestiona apropiadamente ciertas operaciones de "unlock" (... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=51246bfd189064079c54421507236fd2723b18f3 •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-0623
https://notcve.org/view.php?id=CVE-2010-0623
15 Feb 2010 — The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem. La función futex_lock_pi en kernel/futex.c en el kernel de Linux anterior a 2.6.33-rc7 no maneja adecuadamente determinadas cuentas de referencia, lo que permite a usuarios locales provocar una denegación de servicio (OOPS) a través de vectores que involucran ... • http://bugzilla.kernel.org/show_bug.cgi?id=14256 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0291 – kernel: untangle the do_mremap()
https://notcve.org/view.php?id=CVE-2010-0291
15 Feb 2010 — The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." El kernel de Linux en versiones anteriores a la v2.6.32.4 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (panic) llamando a la función (1) mmap o (2) mremap, también conocido como el "do_mremap() mess" o el "mremap/mmap mess." • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0067bd8a55862ac9dd212bd1c4f6f5bff1ca1301 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0298 – kvm: emulator privilege escalation
https://notcve.org/view.php?id=CVE-2010-0298
12 Feb 2010 — The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, a related issue to CVE-2010-0306. El emulador x86 en KVM3, no usa Current Privilege Level (CPL) e I/O Privilege Level (IOPL) para para determinar el acceso a memoria disponible para e... • http://secunia.com/advisories/38492 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3556 – kernel: qla2xxx NPIV vport management pseudofiles are world writable
https://notcve.org/view.php?id=CVE-2009-3556
27 Jan 2010 — A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files. Un paso en la configuración para el controlador qla2xxx sobre el Kernel 2.6.18 en Red Hat Enterprise Linux (RHEL) 5, c... • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html • CWE-264: Permissions, Privileges, and Access Controls CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 2%CPEs: 7EXPL: 1CVE-2009-4272 – kernel: emergency route cache flushing leads to node deadlock
https://notcve.org/view.php?id=CVE-2009-4272
27 Jan 2010 — A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic. Cierto parche de Red Hat para net/ip... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=73e42897e8e5619eacb787d2ce69be12f47cfc21 • CWE-476: NULL Pointer Dereference CWE-667: Improper Locking •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2010-0006
https://notcve.org/view.php?id=CVE-2010-0006
26 Jan 2010 — The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567. La función ipv6_hop_jumbo en net/ipv6/exthdrs.c en el kernel de Linux en versiones anteriores a 2.6.32.4, cuando los espacios de nombres de red están activados, permite a atacantes remotos producir una denegación de servicio (desreferencia a u... • http://bugs.gentoo.org/show_bug.cgi?id=300951 • CWE-476: NULL Pointer Dereference •