CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1883 – kernel: missing capability check in z90crypt
https://notcve.org/view.php?id=CVE-2009-1883
18 Sep 2009 — The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage. La función z90crypt_unlocked_ioctl en el controlador z90crypt del kernel de Linux v2.6.9, no realiza una comprobaciónd e capacidad en la operación Z90QUIESCE, esto permite a usuarios locales elevar los privilegios euid 0 para forzar una parada en el controlador. • http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2009-3238 – kernel: random: add robust get_random_u32, remove weak get_random_int
https://notcve.org/view.php?id=CVE-2009-3238
18 Sep 2009 — The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time." La función get_random_int de drivers/char/random.c en el kernel de Linux anterior a v2.6.30, produce números que nos son suficientemente aleat... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8a0a9bd4db63bc45e3017bedeafbd88d0eb84d02 • CWE-330: Use of Insufficiently Random Values CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2009-3234 – Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3234
17 Sep 2009 — Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call. Un desbordamiento de búfer en la función perf_copy_attr en el archivo kernel/perf_counter.c en el kernel de Linux versión 2.6.31-rc1, permite a los usuarios locales causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de un "big size da... • https://www.exploit-db.com/exploits/33228 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 15EXPL: 0CVE-2009-2903
https://notcve.org/view.php?id=CVE-2009-2903
15 Sep 2009 — Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. Fuga de memoria en el subsistema appletalk en el Kernel de Linux v2.4.x hasta v2.4.37.6 y v2.6.x hasta v2.6.31, cuando los módulos appletalk y ipddp están cargados pero el dispositivo ipddp"N" no se encuentra, permite a at... • http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 316EXPL: 4CVE-2009-3043 – Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-3043
02 Sep 2009 — The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c. La función tty_ldisc_hangup en el archivo drivers/char/tty_ldisc.c en el kernel de Linux versiones 2.6.31-rc anteriores a 2.6.31-rc8, permite a los usuarios locales causar una denegación ... • https://www.exploit-db.com/exploits/33193 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 4CVE-2009-3001 – Linux Kernel 2.6.31-rc7 - 'AF_LLC getsockname' 5-Byte Stack Disclosure
https://notcve.org/view.php?id=CVE-2009-3001
28 Aug 2009 — The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket. La función llc_ui_getname en net/llc/af_llc.c del kernel de Linux v2.6.31-rc7 y anteriores no inicializa cierta estructura de datos, lo que permite leer a los usuarios locales el contenido de algunas celdas de memoria del núcleo llamando a la función ge... • https://www.exploit-db.com/exploits/9513 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 5CVE-2009-3002 – Linux Kernel 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure
https://notcve.org/view.php?id=CVE-2009-3002
28 Aug 2009 — The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the... • https://www.exploit-db.com/exploits/9521 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 315EXPL: 1CVE-2009-2695 – kernel: SELinux and mmap_min_addr
https://notcve.org/view.php?id=CVE-2009-2695
28 Aug 2009 — The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capabilit... • http://danwalsh.livejournal.com/30084.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 5CVE-2009-2698 – Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2698
27 Aug 2009 — The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. La función udp_sendmsg en la implementación UDP en los archivos (1) net/ipv4/udp.c y (2) net/ipv6/udp.c en el kernel de Linux anterior a versión 2.6.19, permite a los usuarios locales obtener privilegios o causar ... • https://www.exploit-db.com/exploits/9575 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 309EXPL: 1CVE-2009-2849 – kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes
https://notcve.org/view.php?id=CVE-2009-2849
18 Aug 2009 — The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker. El driver md (drivers/md/md.c) en el kernel de Linux anteriores a 2.6.30.2 podría permitir a usuarios locales producir una denegación de servicio (referencia a un puntero nul... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.30.y.git%3Ba=commit%3Bh=3c92900d9a4afb176d3de335dc0da0198660a244 • CWE-476: NULL Pointer Dereference •