Page 4 of 81 results (0.020 seconds)

CVSS: 4.7EPSS: 0%CPEs: 339EXPL: 0

The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). La función processcompl_compat en drivers/usb/core/devio.c del kernel de linux v2.6.x a la v2.6.32, y posiblemente otras versiones, no limpia el búfer de transferencia antes de regresar al espacio de usuario cuando falla un comando USB, lo que podría facilitar a atacantes físicamente cercanos obtener información sensible (memoria del kernel). • http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://lkml.org/lkml/2010/3/30/759 http://lwn.net/Articles/375350 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/46397 http://support.avaya.com/css/P8/documents/100090459 http://support.avaya.com/css/P8/documents/100113326 http://www.debian.org/security/2010/dsa-2053 http://www.novell.com/linux/security/advisories/2010_23_kernel.html http • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 0%CPEs: 252EXPL: 0

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. fs/namei.c en Linux kernel desde v2.6.18 hasta v2.6.34, no siempre sigue los enlaces simbólicos de automontado NFS, lo que permite a atacantes producir un impacto desconocido, relacionado con LOOKUP_FOLLOW. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ac278a9c505092dd82077a2446af8f9fc0d9c095 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:088 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.n •

CVSS: 7.8EPSS: 5%CPEs: 287EXPL: 2

The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. La función ip6_dst_lookup_tail en net/ipv6/ip6_output.c en el kernel de linux anterior a v2.6.27 no maneja adecuadamente bajo determinadas circunstancias que involucran a la interfaz de red IPv6 TUN y un gran número de vecinos, lo que permite a atacantes remotos provocar una denegación de servicio (deferencia a puntero nulo y OOPS) o posiblemente tener un impacto desconocido a través de vectores desconocidos. • https://www.exploit-db.com/exploits/33635 http://bugzilla.kernel.org/show_bug.cgi?id=11469 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b http://secunia.com/advisories/39033 http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 http://www.openwall.com/lists/oss-security/2010/02/11/1 http://www.openwall.com/lists/oss-security/2010/03/04/4 http:/&#x • CWE-476: NULL Pointer Dereference •

CVSS: 4.7EPSS: 0%CPEs: 338EXPL: 0

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field. drivers/firewire/ohci.c en el kernel de Linux anterior a v2.6.32-git9, cuando se usa el modo packet-per-buffer, permite a usuarios locales provocar una denegación de servicio (deferencia a puntero NULL y caída del sistema) o posiblemente otro impacto desconocido a través de un ioctl sin especificar asociado a cuando se recibe un paquete ISO que contiene Zero en el campo payload-length. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c0c0cc2d9f4c523fde04bdfe41e4380dec8ee54 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html http://patchwork.kernel.org/patch/66747 http://secunia.com/advisories/38017 http://secunia.com/advisories/38276 http://support.avaya.com/css/P8/documents/ • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 340EXPL: 0

Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel 2.6.32-git6 and earlier allows local users to cause a denial of service (filesystem corruption) via unknown vectors, a different vulnerability than CVE-2009-4131. Vulnerabilidad sin especificar en la implementación EXT4_IOC_MOVE_EXT (también conocido como "move extents") ioctl en el sistema de ficheros ext4 en el kernel de Linux v2.6.32-git6 y anteriores permite a usuarios locales producir una denegación de servicio (corrupción del sistema de ficheros) a través de vectores desconocidos, una vulnerabilidad diferente que CVE-2009-4131. • http://grsecurity.org/test/grsecurity-2.1.14-2.6.32-200912112157.patch http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html http://secunia.com/advisories/38017 http://twitter.com/fotisl/statuses/6568947714 http://twitter.com/spendergrsec/statuses/6551797457 http://twitter.com/spendergrsec/statuses/6567167692 http://twitter.com/spendergrsec/statuses/6569596339 http://twitter.com/spendergrsec/statuses/6572069107 http://twitter.com/spendergrsec/statuses/6583954567 http://twitter.com& •