CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2011-2491 – kernel: rpc task leak after flock()ing NFS share
https://notcve.org/view.php?id=CVE-2011-2491
24 Aug 2011 — The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call. La implementación del protocolo Network Lock Manager (NLM) en la funcionalidad de cliente NFS en el kernel de Linux anteriores a v3.0 permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de una llamada de sistema flock LOCK_UN. It was discovered that CIFS inco... • http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2517 – kernel: nl80211: missing check for valid SSID size in scan operations
https://notcve.org/view.php?id=CVE-2011-2517
24 Aug 2011 — Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value. Múltiples desbordamientos de búfer en net/wireless/nl80211.c en el kernel de Linux antes de v2.6.39.2 permite a usuarios locales obtener privilegios mediante el aprovechamiento de la capacidad CAP_NET_ADMIN durante las operaciones de exploración con un valor de SSID de largo. It was discovered th... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2689 – kernel: gfs2: make sure fallocate bytes is a multiple of blksize
https://notcve.org/view.php?id=CVE-2011-2689
21 Jul 2011 — The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system crash) by arranging for all resource groups to have too little free space. La función gfs2_fallocate en fs/gfs2/file.c en el kernel de Linux anterior a v3.0-rc1 no garantiza que el tamaño de un trozo de asignación sea un múltiplo del tamaño de bloque, lo que permite a usuario... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6905d9e4dda6112f007e9090bca80507da158e63 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2213 – kernel: inet_diag: insufficient validation
https://notcve.org/view.php?id=CVE-2011-2213
15 Jul 2011 — The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880. La función net_diag_bc_audit en net/ipv4/inet_diag.c en el Kernel de Linux anterior a v2.6.39.3 no audita ade... • http://article.gmane.org/gmane.linux.network/197206 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 1CVE-2011-2492 – kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
https://notcve.org/view.php?id=CVE-2011-2492
15 Jul 2011 — The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c. El subsistema de bluetooth en el kernel de Linux anteriores a v3.0-rc4 no inicializa correctamente algunas es... • https://packetstorm.news/files/id/105078 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 1CVE-2011-1093 – kernel: dccp: fix oops on Reset after close
https://notcve.org/view.php?id=CVE-2011-1093
01 Jun 2011 — The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet. Función dccp_rcv_state_process en net/dccp/input.c en la implementación de Datagram Congestion Control Protocol(DCCP)en el kernel de linux an... • https://packetstorm.news/files/id/105078 • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 2CVE-2011-1182 – kernel signal spoofing issue
https://notcve.org/view.php?id=CVE-2011-1182
25 May 2011 — kernel/signal.c in the Linux kernel before 2.6.39 allows local users to spoof the uid and pid of a signal sender via a sigqueueinfo system call. kernel/signal.c en Linux kernel anterior a v2.6.39 permite a usuarios locales falsear el "uid" y el "pid" a través de un envío de señal de una llamada del sistema "sigqueueinfo". The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for security issues. These issues, except for CVE-2011-1182, onl... • https://packetstorm.news/files/id/105078 •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2011-1776 – kernel: validate size of EFI GUID partition entries
https://notcve.org/view.php?id=CVE-2011-1776
12 May 2011 — The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel before 2.6.39 does not check the size of an Extensible Firmware Interface (EFI) GUID Partition Table (GPT) entry, which allows physically proximate attackers to cause a denial of service (heap-based buffer overflow and OOPS) or obtain sensitive information from kernel heap memory by connecting a crafted GPT storage device, a different vulnerability than CVE-2011-1577. La función is_gpt_valid en fs/partitions/efi.c en el kernel de Linux v2.... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fa039d5f6b126fbd65eefa05db2f67e44df8f121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2011-1745 – kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
https://notcve.org/view.php?id=CVE-2011-1745
09 May 2011 — Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call. Desbordamiento de enteros en la función agp_generic_insert_memory en los drivers /char/agp/generic.c del kernel de Linux con anterioridad a v2.6.38.5 permite a usuarios locales conseguir privilegios o causar una denegación de servicio ( fallo del sistema ) ... • https://packetstorm.news/files/id/105078 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2011-1746 – kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()
https://notcve.org/view.php?id=CVE-2011-1746
09 May 2011 — Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages. Multiples desbordamientos de enteros en las funciones agp_allocate_memory y agp_create_user_memory en los drivers /char/agp/g... • https://packetstorm.news/files/id/105078 • CWE-189: Numeric Errors •