CVE-2007-4133 – prio_tree unit kernel panic
https://notcve.org/view.php?id=CVE-2007-4133
04 Oct 2007 — The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors. • http://secunia.com/advisories/26994
CVE-2007-5093 – kernel PWC driver DoS
https://notcve.org/view.php?id=CVE-2007-5093
26 Sep 2007 — The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. • http://marc.info/?l=linux-kernel&m=118873457814808&w=2 • CWE-399: Resource Management Errors
CVE-2007-4571 – Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure
https://notcve.org/view.php?id=CVE-2007-4571
26 Sep 2007 — The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memory contents) via a small count argument, as demonstrated by multiple reads of /proc/driver/snd-page-alloc. • https://www.exploit-db.com/exploits/30605
CVE-2007-5087
https://notcve.org/view.php?id=CVE-2007-5087
26 Sep 2007 — The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service (kernel panic) by reading /proc/net/atm/arp before the CLIP module has been loaded. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.35.y.git%3Ba=commitdiff%3Bh=b7ae15e7707050baafe5a35e3d4f2d175197d222 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2007-4573 – Linux Kernel 2.6.x - Ptrace Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-4573
24 Sep 2007 — The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register. • https://www.exploit-db.com/exploits/30604 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2007-0997
https://notcve.org/view.php?id=CVE-2007-0997
18 Sep 2007 — Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers. • http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.18 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2007-3731 – NULL pointer dereference triggered by ptrace
https://notcve.org/view.php?id=CVE-2007-3731
17 Sep 2007 — The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function. • http://bugzilla.kernel.org/show_bug.cgi?id=8765 • CWE-20: Improper Input Validation • CWE-476: NULL Pointer Dereference
CVE-2007-3740 – CIFS should honor umask
https://notcve.org/view.php?id=CVE-2007-3740
14 Sep 2007 — The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. • http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls
CVE-2007-3848 – Privilege escalation via PR_SET_PDEATHSIG
https://notcve.org/view.php?id=CVE-2007-3848
14 Aug 2007 — Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3848
CVE-2007-4308 – kernel: Missing ioctl() permission checks in aacraid driver
https://notcve.org/view.php?id=CVE-2007-4308
13 Aug 2007 — The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.23-rc2