CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2010-4081 – kernel: drivers/sound/pci/rme9652/hdspm.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4081
30 Nov 2010 — The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdspm_hwdep_ioctl en sound/pci/rme9652/hdspm.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2010-4083 – kernel: ipc/sem.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4083
30 Nov 2010 — The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call. La función copy_semid_to_user en ipc/sem.c en el kernel de Linux asntes de v2.6.36 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente sensibl... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=982f7c2b2e6a28f8f266e075d92e19c0dd4c6e56 • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-4080 – kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4080
30 Nov 2010 — The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. La función snd_hdsp_hwdep_ioctl en sound/pci/rme9652/hdsp.c en el kernel de Linux anterior a v2.6.36-rc6 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información sensible de la pila de l... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e68d3b316ab7b02a074edc4f770e6a746390cb7d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2010-4078
https://notcve.org/view.php?id=CVE-2010-4078
29 Nov 2010 — The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. La función sisfb_ioctl de drivers/video/sis/sis_main.c del kernel de Linux en versiones anteriores a la 2.6.36-rc6 no inicializa apropiadamente un miembro de una determinada estructura, lo que permite a usuarios locales obtener info... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fd02db9de73faebc51240619c7c7f99bee9f65c7 • CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 2CVE-2010-4073 – Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-4073
29 Nov 2010 — The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. El subsistema ipc del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa determinad... • https://www.exploit-db.com/exploits/17787 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2010-4072 – kernel: ipc/shm.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-4072
29 Nov 2010 — The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." La función copy_shmid_to_user de ipc/shm.c del kernel de Linux en versiones anteriores a la 2.6.37-rc1 no inicializa una determinada estructura, lo que permite a usuarios locales obtener información potencialmente confi... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=3af54c9bd9e6f14f896aac1bb0e8405ae0bc7a44 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0CVE-2010-3442 – kernel: prevent heap corruption in snd_ctl_new()
https://notcve.org/view.php?id=CVE-2010-3442
04 Oct 2010 — Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. Múltiples desbordamientos de entero en la función snd_ctl_new de sound/core/control.c en el kernel de Linux en versiones anteriores a la 2.6.36-rc5-next-20100929. Permiten a us... • http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git%3Ba=commit%3Bh=5591bf07225523600450edd9e6ad258bb877b779 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 0%CPEs: 23EXPL: 4CVE-2010-3437 – Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure
https://notcve.org/view.php?id=CVE-2010-3437
04 Oct 2010 — Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call. Error de presencia de signo en entero en la función pkt_find_dev_from_minor de drivers/block/pktcdvd.c del kernl de Linux en versiones anteriores a la 2.6.36-rc6 permite a u... • https://www.exploit-db.com/exploits/15150 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2010-3067 – kernel: do_io_submit() infoleak
https://notcve.org/view.php?id=CVE-2010-3067
21 Sep 2010 — Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. Vulnerabilidad de desbordamiento de entero en la función do_io_submit en fs/aio.c del kernel Linux anterior a v2.6.36-rc4-next-20100915, permite a usuarios locales provocar una denegación de servicio o posiblemente tenga otro impacto sin especificar a través del uso... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=75e1c70fc31490ef8a373ea2a4bea2524099b478 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2226 – kernel: xfs swapext ioctl minor security issue
https://notcve.org/view.php?id=CVE-2010-2226
03 Sep 2010 — The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. La función xfs_swapext en fs/xfs/xfs_dfrag.c en el kernel de Linux kernel anterior v2.6.35 no chequea adecuadamente los descriptores de archivo en SWAPEXT ioctl, lo que permiete a usuarios locales aprovechar el acceso de escritura y obtener acc... • http://archives.free.net.ph/message/20100616.130710.301704aa.en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •