
CVSS: 7.8 | EPSS: 0% | CPEs: 410 | EXPL: 0

02 Nov 2009 — The get_instantiation_keyring function in security/keys/keyctl.c in the KEYS subsystem in the Linux kernel before 2.6.32-rc5 does not properly maintain the reference count of a keyring, which allows local users to gain privileges or cause a denial of service (OOPS) via vectors involving calls to this function without specifying a keyring by ID, as demonstrated by a series of keyctl request2 and keyctl list commands. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=21279cfa107af07ef985539ac0de2152b9cba5f5 • CWE-310: Cryptographic Issues

CVSS: 7.8 | EPSS: 1% | CPEs: 317 | EXPL: 0

30 Oct 2009 — The lookup_cb_cred function in fs/nfsd/nfs4callback.c in the nfsd4 subsystem in the Linux kernel before 2.6.31.2 attempts to access a credentials cache even when a client specifies the AUTH_NULL authentication flavor, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an NFSv4 mount request. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=80fc015bdfe1f5b870c1e1ee02d78e709523fee7 • CWE-287: Improper Authentication

CVSS: 7.1 | EPSS: 2% | CPEs: 316 | EXPL: 0

30 Oct 2009 — The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a79b009525b160081d75cef5dbf45817956acf2 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.8 | EPSS: 0% | CPEs: 319 | EXPL: 3

29 Oct 2009 — Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6a54435560efdab1a08f429a954df4d6c740bddf • CWE-189: Numeric Errors

CVSS: 7.1 | EPSS: 0% | CPEs: 337 | EXPL: 0

29 Oct 2009 — The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via a call to the kvm_vcpu_ioctl function. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=88c808fd42b53a7e01a2ac3253ef31fef74cb5af • CWE-20: Improper Input Validation

CVSS: 5.5 | EPSS: 0% | CPEs: 337 | EXPL: 0

20 Oct 2009 — Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation. • http://article.gmane.org/gmane.linux.kernel/896907 • CWE-189: Numeric Errors

CVSS: 7.8 | EPSS: 5% | CPEs: 306 | EXPL: 4

19 Oct 2009 — The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping. • https://www.exploit-db.com/exploits/33289 • CWE-399: Resource Management Errors

CVSS: 5.5 | EPSS: 0% | CPEs: 316 | EXPL: 4

02 Sep 2009 — The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c. • https://www.exploit-db.com/exploits/33193 • CWE-399: Resource Management Errors

CVSS: 7.8 | EPSS: 0% | CPEs: 315 | EXPL: 1

28 Aug 2009 — The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capabilit... • http://danwalsh.livejournal.com/30084.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5 | EPSS: 0% | CPEs: 80 | EXPL: 2

18 Aug 2009 — The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function. • https://www.exploit-db.com/exploits/9352