CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-0044 – kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()
https://notcve.org/view.php?id=CVE-2012-0044
17 May 2012 — Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. Un desbordamiento de entero en la función de drm_mode_dirtyfb_ioctl en drivers/gpu/drm/ drm_crtc.c en el subsistema "Direct Rendering Manager" (DRM) en el kernel de Linux en versiones anteriores a la v3.1.5 permite a usuarios locale... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a5cd335165e31db9dbab636fd29895d41da55dd2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 3CVE-2012-1146
https://notcve.org/view.php?id=CVE-2012-1146
17 May 2012 — The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. La función mem_cgroup_usage_unregister_event en mm/memcontrol.c en el núcleo de Linux anteriores a v3.2.10 no maneja apropiadamente múltiples eventos qu... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=371528caec553785c37f73fa3926ea0de84f986f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4621 – kernel: tight loop and no preemption can cause system stall
https://notcve.org/view.php?id=CVE-2011-4621
17 May 2012 — The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop. El kernel de Linux antes de v2.6.37 no aplica la optimización de una actualización de reloj, lo que permite a usuarios locales provocar una denegación de servicio (bloqueo del sistema) a través de una aplicación que ejecuta código en un bucle. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2011-4326 – kernel: wrong headroom check in udp6_ufo_fragment()
https://notcve.org/view.php?id=CVE-2011-4326
17 May 2012 — The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device. La función udp6_ufo_fragment en net/ipv6/udp.c en el kernel de Linux antes de v2.6.39, cuando la opción de "UDP Fragmentation Offload" (UFO) está activada, permite a atacantes remotos causar una denegación de servicio (caída del... • http://downloads.avaya.com/css/P8/documents/100156038 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2121 – kvm: device assignment page leak
https://notcve.org/view.php?id=CVE-2012-2121
17 May 2012 — The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. La implementación de KVM en el kernel de Linux en versiones anteriores a la v3.3.4 no gestiona correctamente la relación entre las ranuras de memoria y el IOMMU, lo que permite cau... • http://rhn.redhat.com/errata/RHSA-2012-0676.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 1CVE-2011-4112
https://notcve.org/view.php?id=CVE-2011-4112
17 May 2012 — The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_ADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction with a bridge device for a VLAN interface. El subsistema de red en el kernel de Linux antes de v3.1 no restringe adecuadamente el uso de la bandera IFF_TX_SKB_SHARING, lo que permite a usuarios locales causar un... • http://downloads.avaya.com/css/P8/documents/100156038 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-1601 – kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
https://notcve.org/view.php?id=CVE-2012-1601
17 May 2012 — The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists. La implementación KVM en el núcleo de Linux anterior a la versión V3.3.6 permite a los usuarios del sistema operativo causar una denegación de servicio (puntero NULL a referencia eliminada y caída del sistema operativo del host) al hacer una llamada ioctl KVM_CREATE_IRQCHIP sobre un... • http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3637 – kernel: proc: fix oops on invalid /proc/<pid>/maps access
https://notcve.org/view.php?id=CVE-2011-3637
17 May 2012 — The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error. La función m_stop en fs/proc/task_mmu.c en el kernel de Linux antes de v2.6.39 permite a usuarios locales provocar una denegación de servicio a través de vectores que provocan un error m_start. • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-4611 – kernel: perf, powerpc: Handle events that raise an exception without overflowing
https://notcve.org/view.php?id=CVE-2011-4611
17 May 2012 — Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events. Desbordamiento de entero en la función perf_event_interrupt en arch/powerpc/kernel/perf_event.c en el núcleo de Linux anteriores a v2.6.39 en plataformas powerpc que permite a usuarios locales causar una denegaci... • http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2012-1097 – kernel: regset: Prevent null pointer reference on readonly regsets
https://notcve.org/view.php?id=CVE-2012-1097
17 May 2012 — The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. El funcionalidad regset (también conocido como conjunto de registros) en el kernel de Linux antes de v3.2.10 no controla correctamente la ausencia de métodos ."set" y ".get", lo que permite ... • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8e252586f8d5de906385d8cf6385fee289a825e • CWE-476: NULL Pointer Dereference •