CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 1CVE-2009-1527 – Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - 'ptrace_attach' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1527
05 May 2009 — Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object. Condición de carrera en la función ptrace_attach en kernel/ptrace.c en el kernel de Linux anterior a 2.6.40-rc4 permite a usuarios locales conseguir privilegios a través de la llamada PTRACE_ATTACH ptrace durante una ... • https://www.exploit-db.com/exploits/8673 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 11%CPEs: 334EXPL: 0CVE-2009-1439 – kernel: cifs: memory overwrite when saving nativeFileSystem field during mount
https://notcve.org/view.php?id=CVE-2009-1439
27 Apr 2009 — Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request. Un desbordamiento de búfer en fs/cifs/connect.c en el kernel de Linux v2.6.29 y anteriores permite a atacantes remotos provocar una denegación de servicio (mediante caída) a través de un campo nativeFileSystem demasiado largo en una respuesta Tree Connect a una petición de montaje... • http://blog.fefe.de/?ts=b72905a8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 330EXPL: 0CVE-2009-1192 – kernel: agp: zero pages before sending to userspace
https://notcve.org/view.php?id=CVE-2009-1192
24 Apr 2009 — The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. drivers/char/agp/generic.c en el subsistema en el kernel de Linux antes de v2.6.30-rc3 no vacía páginas que más tarde pueden estar disponibles para un proceso del espacio de usuario, lo que perm... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=59de2bebabc5027f93df999d59cc65df591c3e6e •
CVSS: 5.5EPSS: 0%CPEs: 199EXPL: 0CVE-2009-1336 – kernel: nfsv4 client can be crashed by stating a long filename
https://notcve.org/view.php?id=CVE-2009-1336
22 Apr 2009 — fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function. fs/nfs/client.c in el kernel de Linux en versiones anteriores a v2.6.23 no inicializa adecuadamente cierto miembro de la estructura que alacena la longitud máxima de fichero NFS, lo que permite a usuarios locales producir una denegación de ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=54af3bb543c071769141387a42deaaab5074da55 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 329EXPL: 1CVE-2009-1360
https://notcve.org/view.php?id=CVE-2009-1360
22 Apr 2009 — The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. La función __inet6_check_established en net/ipv6/inet6_hashtables.c en el núcleo de Linux versiones anteriores a v2.6.29, cuando Network Namespace Support (también conocido como NET_NS) está activo, permite a atacantes... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3f53a38131a4e7a053c0aa060aba0411242fb6b9 •
CVSS: 6.9EPSS: 0%CPEs: 342EXPL: 1CVE-2009-1337 – Linux Kernel < 2.6.29 - 'exit_notify()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-1337
22 Apr 2009 — The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. La función exit_notify en kernel/exit.c en el kernel Linux antes de la versión 2.6.30-rc1 no restringe las señales de salida cuando se alcanza la capacidad CAP_KILL , lo que ... • https://www.exploit-db.com/exploits/8369 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 130EXPL: 0CVE-2009-1338 – kernel: 'kill sig -1' must only apply to caller's pid namespace
https://notcve.org/view.php?id=CVE-2009-1338
22 Apr 2009 — The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command. La función kill_something_info function en kernel/signal.c en el núcleo de Linux versiones anteriores a v2.6.28 no considera namespaces PID cuando está procesando señales dirigidas a PID -1, lo cua... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d25141a818383b3c3b09f065698c544a7a0ec6e7 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 1%CPEs: 114EXPL: 1CVE-2009-1265
https://notcve.org/view.php?id=CVE-2009-1265
08 Apr 2009 — Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent. Desbordamiento de entero en rose_sendmsg (sys/net/af_rose.c) en el kernel de Linux v2.6.24.4 y otras versiones anteriores a la 2.6.30-rc1, podría permitir a atacantes remotos conseguir información sensible a través de un valor largo, lo que causaría que la "basu... • http://bugzilla.kernel.org/show_bug.cgi?id=10423 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2009-1242
https://notcve.org/view.php?id=CVE-2009-1242
06 Apr 2009 — The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform. La función vmx_set_msr en arch/x86/kvm/vmx.c en la implementación VMX en el subsistema KVM en el kernel de Linux anteriores a v2.6.29.1 ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=16175a796d061833aacfbd9672235f2d2725df65 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1243
https://notcve.org/view.php?id=CVE-2009-1243
06 Apr 2009 — net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure." net/ipv4/udp.c en el kernel de Linux anteriores a v2.6.29.1, desarrolla un paso desbloqueante en ciertas circunstancias incorrectas, lo que permite a los usuarios locales causar una denegación de servicio (panic... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=30842f2989aacfaba3ccb39829b3417be9313dbe • CWE-667: Improper Locking •