CVSS: 1.2EPSS: 0%CPEs: 22EXPL: 1CVE-2012-2313 – kernel: unfiltered netdev rio_ioctl access by users
https://notcve.org/view.php?id=CVE-2012-2313
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. La función rio_ioctl de drivers/net/ethernet/dlink/dl2k.c del kernel de Linux en versiones anteriores a la 3.3.7 no restringe el acceso al comando SIOCSMIIREG, lo que permite a usuarios locales escribir datos a un adaptador Ethernet a través de una llamada ioctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1bb57e940e1958e40d51f2078f50c3a96a9b2d75 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://marc.info/?l=bugtraq&m=139447903326211&w=2 http://rhn.redhat.com/errata/RHSA-2012-1174.html http://rhn.redhat.com/errata/RHSA-2012-1481.html http://rhn.redhat.com/errata/RHSA-2012-1541.html http://rhn.redhat.com/errata/RHSA-2012-1589.html http://www.kernel.org/pub/linux/ke • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 83%CPEs: 11EXPL: 1CVE-2011-3026 – libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11)
https://notcve.org/view.php?id=CVE-2011-3026
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Desbordamiento de entero en libpng, tal como se utiliza en Google Chrome antes de v17.0.963.56, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que provocan el truncado de enteros. • http://code.google.com/p/chromium/issues/detail?id=112822 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html http://secunia.com/advisories/48016 http://secunia.com/advisories/48110& • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 6.4EPSS: 1%CPEs: 18EXPL: 1CVE-2011-4914
https://notcve.org/view.php?id=CVE-2011-4914
The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket. La implementación del protocolo ROSE en el kernel de Linux anteriores a v2.6.39 no verifica que algunos valores de la longitud de datos son consistentes con la cantidad de datos enviada, lo que podría permitir a atacantes remotos a obtener información sensible de la memoria del kernel o provocar una denegación de servicio (lectura fuera de los límites) a través de una cadena de datos manipulada sobre un socket ROSE. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e0bccd315db0c2f919e7fcf9cb60db21d9986f52 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.openwall.com/lists/oss-security/2011/12/28/2 https://bugzilla.redhat.com/show_bug.cgi?id=770777 https://github.com/torvalds/linux/commit/e0bccd315db0c2f919e7fcf9cb60db21d9986f52 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 1CVE-2011-1585 – kernel: cifs session reuse
https://notcve.org/view.php?id=CVE-2011-1585
The cifs_find_smb_ses function in fs/cifs/connect.c in the Linux kernel before 2.6.36 does not properly determine the associations between users and sessions, which allows local users to bypass CIFS share authentication by leveraging a mount of a share by a different user. La función cifs_find_smb_ses en fs/cifs/connect.c en el Linux kernel anterior a v2.6.36 no determina correctamente las asociaciones entre usuarios y sesiones, lo que permite a usuarios locales eludir la autenticación CIFS mediante el aprovechamiento de un punto de montaje compartido por un usuario diferente. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ff67b720c02c36e54d55b88c2931879b7db1cd2 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://www.openwall.com/lists/oss-security/2011/04/15/8 https://bugzilla.redhat.com/show_bug.cgi?id=697394 https://github.com/torvalds/linux/commit/4ff67b720c02c36e54d55b88c2931879b7db1cd2 https://access.redhat.com/security/cve/CVE-2011-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0CVE-2010-3881 – kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory
https://notcve.org/view.php?id=CVE-2010-3881
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device. arch/x86/kvm/x86.c en el kernel de Linux v2.6.36.2 no inicializa ciertos miembros de estructura, lo que permite a usuarios locales obtener información potencialmente sensible del la pila de la pila de memoria del kernel a través de operaciones de lectura en el dispositivo /dev/kvm device. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97e69aa62f8b5d338d6cff49be09e37cc1262838 http://git.kernel.org/?p=virt/kvm/kvm.git%3Ba=commit%3Bh=831d9d02f9522e739825a51a11e3bc5aa531a905 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html http://openwall.com/lists/oss-security/2010/11/04/10 http://openwall.com/lists/oss-security/2010/11/05/4 http://rhn.redhat.com& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •