CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2480
https://notcve.org/view.php?id=CVE-2007-2480
03 May 2007 — The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications. La función _udp_lib_get_port de _udp_lib_get_port en Linux kernel 2.6.21 y versiones anteriores no previene una asociación a un puerto con una dirección local cuando ya existe una asociación a ese puerto con ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=de34ed91c4ffa4727964a832c46e624dd1495cf5 •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2007-0771 – Tracing execution of a threaded executable causes kernel BUG report
https://notcve.org/view.php?id=CVE-2007-0771
02 May 2007 — The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c. El soporte utrace en el kernel de Linux versión 2.6.18 y otras versiones, permite a usuarios locales causar una denegación de servicio (bloqueo de sistema) relacionado con el "MT exec + utrace_attach spin failure mode," como es demostrado por el archivo ptrace-thrash.c. • http://osvdb.org/35927 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1353 – Bluetooth setsockopt() information leaks
https://notcve.org/view.php?id=CVE-2007-1353
24 Apr 2007 — The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer. La función setsockopt en el soporte Bluetooth L2CAP y HCI en el núcleo de Linux anterior a 2.4.34.3 permite a atacantes remotos dependientes de contexto leer la memoria del núcleo y obtener información sensible mediante ... • http://rhn.redhat.com/errata/RHSA-2007-0488.html •
CVSS: 9.8EPSS: 0%CPEs: 19EXPL: 0CVE-2007-2172 – fib_semantics.c out of bounds access vulnerability
https://notcve.org/view.php?id=CVE-2007-2172
22 Apr 2007 — A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions. Un error tipográfico en el Kernel de Linux versión 2.6 anterior a 2.6.21-rc6 y versión 2.4 anterior a 2.4.35 hace que RTA_MAX se utilice como un tamaño de matriz en lugar de RTN_MAX, lo que conlleva a un "out of bound access" mediante las funcion... • http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.21-rc6 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 18%CPEs: 1EXPL: 1CVE-2007-1357 – Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service
https://notcve.org/view.php?id=CVE-2007-1357
11 Apr 2007 — The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum. La función atalk_sum_skb en AppleTalk para Linux kernel 2.6.x anterior a 2.6.21, y posiblemente 2.4.x, permite a atacantes remotos provocar denegación de servicio (caida) a través de la ventana AppleTalk que es ... • https://www.exploit-db.com/exploits/29826 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 2CVE-2007-1734 – Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure
https://notcve.org/view.php?id=CVE-2007-1734
28 Mar 2007 — The DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later does not verify the upper bounds of the optlen value, which allows local users running on certain architectures to read kernel memory or cause a denial of service (oops), a related issue to CVE-2007-1730. La ayuda DCCP en la función do_dccp_getsockopt en net/dccp/proto.c en Linux kernel 2.6.20 y posteriores no verifica los limites superiores en el valor optlenm, lo cual permite a usuarios locales funcion... • https://www.exploit-db.com/exploits/3595 •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 2CVE-2007-1730 – Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure
https://notcve.org/view.php?id=CVE-2007-1730
28 Mar 2007 — Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value. Un error en la presencia de signo en un entero en el soporte DCCP de la función do_dccp_getsockopt del net/dccp/proto.c en el kernel del Linux 2.6.20 y versiones posteriores permite a usuarios locales leer la memoria del kernel y provocar una denegación de servicio (oops) ... • https://www.exploit-db.com/exploits/3595 •
CVSS: 5.5EPSS: 0%CPEs: 238EXPL: 0CVE-2007-1592 – IPv6 oops triggerable by any user
https://notcve.org/view.php?id=CVE-2007-1592
22 Mar 2007 — net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket. El archivo net/ipv6/tcp_ipv6.c en el kernel de Linux versiones 2.6.x hasta 2.6.21-rc3, copia inadvertidamente el ipv6_fl_socklist desde un socket TCP de escucha hacia sockets de un proceso hijo, lo ... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1496 – Various NULL pointer dereferences in netfilter code
https://notcve.org/view.php?id=CVE-2007-1496
16 Mar 2007 — nfnetlink_log in netfilter in the Linux kernel before 2.6.20.3 allows attackers to cause a denial of service (crash) via unspecified vectors involving the (1) nfulnl_recv_config function, (2) using "multiple packets per netlink message", and (3) bridged packets, which trigger a NULL pointer dereference. nfnetlink_log en netfilter de the Linux kernel versiones anteriores a 2.6.20.3 permite a atacantes provocar una denegación de servicio (caída) mediante vectores sin especificar involucrando (1) la función nf... • http://secunia.com/advisories/24492 •
CVSS: 9.8EPSS: 12%CPEs: 1EXPL: 0CVE-2007-1497 – IPv6 fragments bypass in nf_conntrack netfilter code
https://notcve.org/view.php?id=CVE-2007-1497
16 Mar 2007 — nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments. nf_conntrack en netfilter en el kernel de Linux anterior a 2.6.20.3 no fija nfctinfo durante el nuevo re-ensamble de paquetes fragmentados, lo cual deja el valor por defecto como IP_CT_ESTABLISHED y permitiría a atacantes remotos evitar ciertas reglas d... • http://secunia.com/advisories/24492 •