CVSS: 10.0EPSS: 8%CPEs: 260EXPL: 0CVE-2008-5134 – kernel: libertas: fix buffer overrun
https://notcve.org/view.php?id=CVE-2008-5134
18 Nov 2008 — Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." Desbordamiento de búfer en la función lbs_process_bss en drivers/net/wireless/libertas/scan.c en el subsistema libertas en versiones anteriores a 2.6.27.5 del kernel de linux, permite a los atacantes remotos tener un impacto desconocido a través de un "respuesta inválida ... • http://article.gmane.org/gmane.linux.kernel.wireless.general/23049 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0CVE-2008-5025 – kernel: hfs: fix namelength memory corruption
https://notcve.org/view.php?id=CVE-2008-5025
17 Nov 2008 — Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. Desbordamiento de búfer basado en pila en la función hfs_cat_find_brec en fs/hfs/catalog.c en versiones del kernel de Linux anteriores a la 2.6.28-RC1 permite a atacantes provocar una denegación de servicio... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=d38b7aa7fc3371b52d036748028db50b585ade2e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 114EXPL: 1CVE-2008-5029 – kernel: Unix sockets kernel panic
https://notcve.org/view.php?id=CVE-2008-5029
10 Nov 2008 — The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. La función __scm_destroy de net/core/scm.c en el kernel de Linux 2.6.27.4, 2.6.2 y anteriores; realiza llamadas recursivas indirectas a sí mismo a través de llamadas ... • http://archives.neohapsis.com/archives/bugtraq/2009-01/0006.html •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2008-5033
https://notcve.org/view.php?id=CVE-2008-5033
10 Nov 2008 — The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors. La function chip_command en drivers/media/video/tvaudio.c en el Kernel de Linux v2.6.25.x anteriores a v2.6.25.19, v2.6.26.x anteriores a v2.6.26.7, y v2.6.27.x anteriores a 2.6.27.3 permite a los atacantes provocar una denegación de servi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5ba2f67afb02c5302b2898949ed6fc3b3d37dcf1 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 0CVE-2008-4395
https://notcve.org/view.php?id=CVE-2008-4395
06 Nov 2008 — Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs. Múltiples desbordamientos de búfer en el modulo ndiswrapper v1.53 en el kernel de Linux v2.6 permite a atacantes remotos ejecutar código a su elección mediante el envío de paquetes a través de una red inalámbrica local que obligue a tener un ESSID largo. • http://bugs.gentoo.org/show_bug.cgi?id=239371 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0CVE-2008-4933 – kernel: hfsplus: fix Buffer overflow with a corrupted image
https://notcve.org/view.php?id=CVE-2008-4933
05 Nov 2008 — Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. Desbordamiento del búfer en la función hfsplus_find_cat de fs/hfsplus/catalog.c en el kernel de Linux anterior a 2.6.28-rc1; permite a los atacantes provocar una denegación de servicio (corrupci... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=efc7ffcb4237f8cb9938909041c4ed38f6e1bf40 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2008-3527 – kernel: missing boundary checks in syscall/syscall32_nopage()
https://notcve.org/view.php?id=CVE-2008-3527
05 Nov 2008 — arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions. arch/i386/kernel/sysenter.c en la implementación Virtual Dynamic Shared Objects (vDSO) para el kernel de Linux anterior a v2.6.21, no comprueba de forma adecuada los límites; ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7d91d531900bfa1165d445390b3b13a8013f98f7 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-4934 – kernel: hfsplus: check read_mapping_page() return value
https://notcve.org/view.php?id=CVE-2008-4934
05 Nov 2008 — The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (system crash) via a crafted hfsplus filesystem image. La función hfsplus_block_allocate en el archivo fs/hfsplus/bitmap.c en el kernel de Linux anterior a versión 2.6.28-rc1 no verifica cierto valor de retorno de la función read_mapping_page anterior al llamar a kmap... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=649f1ee6c705aab644035a7998d7b574193a598a • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2008-4618 – kernel: sctp: Fix kernel panic while process protocol violation parameter
https://notcve.org/view.php?id=CVE-2008-4618
20 Oct 2008 — The Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service (panic) via unspecified vectors, related to sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation, and incorrect data types in function calls. La implementación de Stream Control Transmission Protocol (sctp) en los nucleos de Linux anteriores a v2.... • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.27.y.git%3Ba=commit%3Bh=ba0166708ef4da7eeb61dd92bbba4d5a749d6561 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3831 – kernel: i915 kernel drm driver arbitrary ioremap
https://notcve.org/view.php?id=CVE-2008-3831
20 Oct 2008 — The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. El driver i915 en (1) drivers/char/drm/i915_dma.c en el kernel v2.6.24 de Linux en De... • http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html • CWE-399: Resource Management Errors •